argo-cd-2.12
Chainguard
7.5
CVSS V3
Status
Impact
The dependency causing this CVE, golang-jwt/jwt v3.2.2, is introduced in several places in the argo-cd project. Due to functional changes required to move away from v3 to v4/v5, upstream maintainers are required to implement.
Status
Status
Fixed version
2.12.10-r8Status