PT-2024-35462 · Argo Helm · Argo Helm

Agilgur5 · Published 2024-11-22 · Updated 2024-11-22 · CVE-2024-52814

CVSS v3.1: 2.8 (Low)

Vector: AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N

Name of the Vulnerable Software and Affected Versions

Argo Helm versions prior to 0.45.0

Description

The issue is related to the workflow-role lacking granularity in its privileges, giving unnecessary permissions to workflowtasksets and workflowartifactgctasks for all workflow Pods. This could potentially affect status reporting for certain types of Pods and templates. The impact is considered minimal.

Recommendations

For versions prior to 0.45.0, update to version 0.45.0 to resolve the issue. As a temporary workaround, consider restricting the privileges of the workflow-role to only those necessary for the Controller to function correctly, minimizing the risk of exploitation.
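
One way to check a deployed Role for the grants this advisory describes, as an added example that is not part of the advisory or of the Argo Helm chart: it inspects a Role exported as JSON and reports every rule that reaches workflowtasksets or workflowartifactgctasks, including through wildcards and subresources. The role name, namespace, sample rules and the `flagged_grants` helper are constructed for illustration.

```python
import json

# Resources named in the advisory as unnecessarily granted to workflow Pods.
FLAGGED = {"workflowtasksets", "workflowartifactgctasks"}
ARGO_GROUP = "argoproj.io"  # API group of the Argo Workflows CRDs

# Constructed sample: a Role in the shape `kubectl get role <name> -o json` prints.
SAMPLE_ROLE = json.loads("""
{
  "kind": "Role",
  "metadata": {"name": "example-workflow-role", "namespace": "argo"},
  "rules": [
    {"apiGroups": ["argoproj.io"], "resources": ["workflowtaskresults"], "verbs": ["create", "patch"]},
    {"apiGroups": ["argoproj.io"], "resources": ["workflowtasksets", "workflowtasksets/status"], "verbs": ["get", "watch", "patch"]},
    {"apiGroups": ["*"], "resources": ["*"], "verbs": ["list"]},
    {"apiGroups": [""], "resources": ["pods"], "verbs": ["get"]}
  ]
}
""")


def flagged_grants(role):
    """Return (rule_index, resource, verbs) for every rule that reaches a flagged resource."""
    findings = []
    for i, rule in enumerate(role.get("rules") or []):
        groups = rule.get("apiGroups") or []
        if ARGO_GROUP not in groups and "*" not in groups:
            continue  # rule does not apply to the Argo API group
        hit = set()
        for res in rule.get("resources") or []:
            base = res.split("/", 1)[0]  # "workflowtasksets/status" -> "workflowtasksets"
            if base == "*":
                hit |= FLAGGED  # wildcard covers both flagged resources
            elif base in FLAGGED:
                hit.add(base)
        for res in sorted(hit):
            findings.append((i, res, sorted(rule.get("verbs") or [])))
    return findings


if __name__ == "__main__":
    for idx, res, verbs in flagged_grants(SAMPLE_ROLE):
        print(f"rule[{idx}] grants {verbs} on {res}")
```

To audit a live cluster, replace the sample with the output of `kubectl get role <role-name> -n <namespace> -o json`; an empty result means the Role no longer reaches either resource.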

Related Identifiers

CVE-2024-52814
GHSA-H974-W8PG-CX73

Affected Products

Argo Helm