{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-10T20:59:47.578","vulnerabilities":[{"cve":{"id":"CVE-2024-47827","sourceIdentifier":"security-advisories@github.com","published":"2024-10-28T16:15:03.990","lastModified":"2026-02-06T20:49:29.827","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. Due to a race condition in a global variable in 3.6.0-rc1, the argo workflows controller can be made to crash on-command by any user with access to execute a workflow. This vulnerability is fixed in 3.6.0-rc2."},{"lang":"es","value":"Argo Workflows es un motor de flujo de trabajo nativo de contenedores de código abierto para orquestar trabajos paralelos en Kubernetes. Debido a una condición de ejecución en una variable global en 3.6.0-rc1, cualquier usuario con acceso para ejecutar un flujo de trabajo puede hacer que el controlador de flujos de trabajo de Argo se bloquee cuando así lo ordene. Esta vulnerabilidad se solucionó en 3.6.0-rc2."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.7,"baseSeverity":"MEDIUM","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.1,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":4.8,"baseSeverity":"MEDIUM","attackVector":"ADJACENT_NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":3.6}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-362"},{"lang":"en","value":"CWE-1108"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:argoproj:argo_workflows:3.6.0:rc1:*:*:*:go:*:*","matchCriteriaId":"D0BD3D96-0958-40AD-BE15-4E2CA8E96FA8"}]}]}],"references":[{"url":"https://github.com/argoproj/argo-workflows/blob/ce7f9bfb9b45f009b3e85fabe5e6410de23c7c5f/workflow/metrics/metrics_k8s_request.go#L75","source":"security-advisories@github.com","tags":["Product"]},{"url":"https://github.com/argoproj/argo-workflows/commit/524406451f4dfa57bf3371fb85becdb56a2b309a","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/argoproj/argo-workflows/pull/13641","source":"security-advisories@github.com","tags":["Issue Tracking","Patch"]},{"url":"https://github.com/argoproj/argo-workflows/security/advisories/GHSA-ghjw-32xw-ffwr","source":"security-advisories@github.com","tags":["Vendor Advisory"]}]}}]}