Kubernetes Secret Extraction via ArgoCD ServerSideDiff · Advisory · argoproj/argo-cd · GitHubgomod

DRANK

### Summary There is a missing authorization and data-masking gap in Argo CD's ServerSideDiff endpoint that allows an attacker with read-only access to extract plaintext Kubernetes Secret data fro...