Affected by GO-2025-4023 and 5 other vulnerabilities

GO-2025-4023: Argo Workflow has a Zipslip Vulnerability in github.com/argoproj/argo-workflows

GO-2025-4024: Argo Workflow may expose artifact repository credentials in github.com/argoproj/argo-workflows

GO-2025-4223: RCE via ZipSlip and symbolic links in argoproj/argo-workflows in github.com/argoproj/argo-workflows

GO-2026-4350: Argo Workflows affected by stored XSS in the artifact directory listing in github.com/argoproj/argo-workflows

GO-2026-4678: Unauthorized access to Argo Workflows Template in github.com/argoproj/argo-workflows

GO-2026-4681: Argo Workflows: WorkflowTemplate Security Bypass via podSpecPatch in Strict/Secure Reference Mode in github.com/argoproj/argo-workflows

The highest tagged major version is v4.

plugins/

Details

Path	Synopsis
executor Package executor The API for an executor plugin.	Package executor The API for an executor plugin.
spec