Argo CD Security-Hardened Images

Argo CD security-hardened images include precisely what is needed to run Argo CD. As a result, we build smaller images with fewer CVEs. By leaving out the package manager and including only the needed runtime dependencies, we significantly reduce the attack surface.

Below you will find the weekly-updated security scans of Akuity's security-hardened Argo CD images compared with the open source images.

Security Scan 2024-06-17


Akuity v2.11.3-distroless vs Argo CD v2.11.3

Full list of open source Argo CD vulnerabilities in this release

Target quay.io/akuity/argocd:v2.11.3-distroless

No Vulnerabilities found

Target usr/local/bin/argocd

Vulnerabilities (1)

The table below displays CRITICAL and HIGH severity vulnerabilities only.

| Package | ID | Severity | Installed Version | Fixed Version |
| --- | --- | --- | --- | --- |
| github.com/cloudflare/circl | GHSA-9763-4f94-gfch | HIGH | v1.3.3 | 1.3.7 |

Target usr/local/bin/helm

No Vulnerabilities found

Target usr/local/bin/kustomize

Vulnerabilities (2)

The table below displays CRITICAL and HIGH severity vulnerabilities only.

| Package | ID | Severity | Installed Version | Fixed Version |
| --- | --- | --- | --- | --- |
| stdlib | CVE-2023-45283 | HIGH | 1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 |
| stdlib | CVE-2023-45288 | HIGH | 1.20.10 | 1.21.9, 1.22.2 |

Akuity v2.10.12-distroless vs Argo CD v2.10.12

Full list of open source Argo CD vulnerabilities in this release

Target quay.io/akuity/argocd:v2.10.12-distroless

No Vulnerabilities found

Target usr/local/bin/argocd

Vulnerabilities (3)

The table below displays CRITICAL and HIGH severity vulnerabilities only.

| Package | ID | Severity | Installed Version | Fixed Version |
| --- | --- | --- | --- | --- |
| github.com/cloudflare/circl | GHSA-9763-4f94-gfch | HIGH | v1.3.3 | 1.3.7 |
| stdlib | CVE-2023-45283 | HIGH | 1.21.3 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 |
| stdlib | CVE-2023-45288 | HIGH | 1.21.3 | 1.21.9, 1.22.2 |

Target usr/local/bin/helm

No Vulnerabilities found

Target usr/local/bin/kustomize

Vulnerabilities (2)

The table below displays CRITICAL and HIGH severity vulnerabilities only.

| Package | ID | Severity | Installed Version | Fixed Version |
| --- | --- | --- | --- | --- |
| stdlib | CVE-2023-45283 | HIGH | 1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 |
| stdlib | CVE-2023-45288 | HIGH | 1.20.10 | 1.21.9, 1.22.2 |

Akuity v2.9.17-distroless vs Argo CD v2.9.17

Full list of open source Argo CD vulnerabilities in this release

Target quay.io/akuity/argocd:v2.9.17-distroless

No Vulnerabilities found

Target usr/local/bin/argocd

Vulnerabilities (6)

The table below displays CRITICAL and HIGH severity vulnerabilities only.

| Package | ID | Severity | Installed Version | Fixed Version |
| --- | --- | --- | --- | --- |
| github.com/cloudflare/circl | GHSA-9763-4f94-gfch | HIGH | v1.3.3 | 1.3.7 |
| go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc | CVE-2023-47108 | HIGH | v0.42.0 | 0.46.0 |
| google.golang.org/grpc | GHSA-m425-mq94-257g | HIGH | v1.56.2 | 1.56.3, 1.57.1, 1.58.3 |
| k8s.io/kubernetes | CVE-2023-5528 | HIGH | v1.24.17 | 1.28.4, 1.27.8, 1.26.11, 1.25.16 |
| stdlib | CVE-2023-45283 | HIGH | 1.21.3 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 |
| stdlib | CVE-2023-45288 | HIGH | 1.21.3 | 1.21.9, 1.22.2 |

Target usr/local/bin/helm

Vulnerabilities (2)

The table below displays CRITICAL and HIGH severity vulnerabilities only.

| Package | ID | Severity | Installed Version | Fixed Version |
| --- | --- | --- | --- | --- |
| stdlib | CVE-2023-45283 | HIGH | 1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 |
| stdlib | CVE-2023-45288 | HIGH | 1.20.10 | 1.21.9, 1.22.2 |

Target usr/local/bin/kustomize

Vulnerabilities (2)

The table below displays CRITICAL and HIGH severity vulnerabilities only.

| Package | ID | Severity | Installed Version | Fixed Version |
| --- | --- | --- | --- | --- |
| stdlib | CVE-2023-45283 | HIGH | 1.20.10 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 |
| stdlib | CVE-2023-45288 | HIGH | 1.20.10 | 1.21.9, 1.22.2 |