Description
Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. From 2.9.0 to before 4.0.2 and 3.7.11, A user who can submit Workflows can completely bypass all security settings defined in a WorkflowTemplate by including a podSpecPatch field in their Workflow submission. This works even when the controller is configured with templateReferencing: Strict, which is specifically documented as a mechanism to restrict users to admin-approved templates. The podSpecPatch field on a submitted Workflow takes precedence over the referenced WorkflowTemplate during spec merging and is applied directly to the pod spec at creation time with no security validation. This vulnerability is fixed in 4.0.2 and 3.7.11.
Published: 2026-03-11
Score: 8.9 High
EPSS: < 1% Very Low
KEV: No
Impact: Privilege Escalation / Security Bypass
Action: Patch
AI Analysis

Impact

Argo Workflows is an open source container-native workflow engine for Kubernetes. From versions 2.9.0 to before 4.0.2 and 3.7.11, a user who can submit Workflows can bypass all security settings defined in a WorkflowTemplate by including a podSpecPatch field in their Workflow submission. The podSpecPatch field takes precedence over the referenced WorkflowTemplate during spec merging and is applied directly to the pod spec at creation time with no security validation, even when the controller operates in Strict mode. This allows an attacker to run arbitrary containers or privileged actions, effectively escalating privileges and compromising cluster security. This weakness is related to CWE‑807 (Privilege Escalation) and CWE‑863 (Missing Authorization).

Affected Systems

The affected vendor is argoproj:argo-workflows. Vulnerable releases include any version from 2.9.0 up to, but not including, 4.0.2, as well as any version up to, but not including, 3.7.11. The issue was fixed in release 4.0.2 and 3.7.11. Users should verify their installed version against these thresholds.

Risk and Exploitability

The CVSS score is 8.9, indicating high severity. EPSS score is below 1%, suggesting the likelihood of exploitation is currently low. The vulnerability is not listed in the CISA KEV catalog. Exploitation requires the ability to submit a Workflow; hence any user with workflow-creation permissions can launch the attack. Once the podSpecPatch is applied, the attacker can modify pod specifications to run malicious containers, potentially gaining elevated privileges within the cluster. This vulnerability is therefore considered a high-risk privilege escalation vector for systems that have exposed workflow submission capabilities.

Generated by OpenCVE AI on March 17, 2026 at 20:45 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Argo Workflows to version 4.0.2 or later, or 3.7.11 or later, as applicable
  • Restrict workflow submission rights to trusted administrators only until upgrade is complete
  • Monitor workflow logs for unexpected podSpecPatch usage and investigate anomalies

Generated by OpenCVE AI on March 17, 2026 at 20:45 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Github GHSA Github GHSA GHSA-3wf5-g532-rcrr Argo Workflows: WorkflowTemplate Security Bypass via podSpecPatch in Strict/Secure Reference Mode
History

Tue, 17 Mar 2026 19:30:00 +0000

Type Values Removed Values Added
First Time appeared Argoproj argo Workflows
CPEs cpe:2.3:a:argoproj:argo_workflows:*:*:*:*:*:go:*:*
Vendors & Products Argoproj argo Workflows
Metrics cvssV3_1

{'score': 9.9, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H'}

 cvssV3_1

{'score': 8.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N'}

Fri, 13 Mar 2026 00:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-807
References
Metrics threat_severity

None

 cvssV3_1

{'score': 9.9, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H'}

threat_severity

Important

Thu, 12 Mar 2026 10:15:00 +0000

Type Values Removed Values Added
First Time appeared Argoproj
Argoproj argo-workflows
Vendors & Products Argoproj
Argoproj argo-workflows

Wed, 11 Mar 2026 16:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Wed, 11 Mar 2026 16:00:00 +0000

Type Values Removed Values Added
Description Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. From 2.9.0 to before 4.0.2 and 3.7.11, A user who can submit Workflows can completely bypass all security settings defined in a WorkflowTemplate by including a podSpecPatch field in their Workflow submission. This works even when the controller is configured with templateReferencing: Strict, which is specifically documented as a mechanism to restrict users to admin-approved templates. The podSpecPatch field on a submitted Workflow takes precedence over the referenced WorkflowTemplate during spec merging and is applied directly to the pod spec at creation time with no security validation. This vulnerability is fixed in 4.0.2 and 3.7.11.
Title WorkflowTemplate Security Bypass via podSpecPatch in Strict/Secure Reference Mode
Weaknesses CWE-863
References
Metrics cvssV4_0

{'score': 8.9, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:H'}

Subscriptions

Argoproj Argo-workflows Argo Workflows
cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-03-11T16:03:52.643Z

Reserved: 2026-03-09T21:59:02.687Z

Link: CVE-2026-31892

cve-icon Vulnrichment

Updated: 2026-03-11T16:03:34.183Z

cve-icon NVD

Status : Analyzed

Published: 2026-03-11T16:16:44.033

Modified: 2026-03-17T19:17:55.270

Link: CVE-2026-31892

cve-icon Redhat

Severity : Important

Publid Date: 2026-03-11T15:41:14Z

Links: CVE-2026-31892 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-03-23T09:55:26Z

Weaknesses