CVE-2025-59538 | argoproj argo-cd up to 2.14.19/3.0.18/3.1.7/3.2.0-rc1 Configuration uncaught exception (GHSA-gpx4-37g2-c8pv)

A vulnerability, which was classified as problematic, has been found in argoproj argo-cd up to 2.14.19/3.0.18/3.1.7/3.2.0-rc1. Affected is an unknown function of the component Configuration Handler. This manipulation of the argument webhook.azuredevops.username/webhook.azuredevops.password causes uncaught exception.

This vulnerability is tracked as CVE-2025-59538. The attack is possible to be carried out remotely. No exploit exists.

It is advisable to upgrade the affected component.VulDB Recent EntriesRead More