Argo CD fixes vulnerability that exposed secrets in error messages

Published on January 31, 2025

On January 30, 2025, a vulnerability was identified in Argo CD, a declarative continuous delivery tool for Kubernetes. Catalogued as CVE-2025-23216, it allowed secret values to be displayed in error messages and in the diff view when an invalid Secret resource was synchronized from a repository. A user with write access to the repository could exploit the flaw by committing an invalid Secret and triggering a synchronization, which exposed the sensitive data to any user with read access to Argo CD. Versions up to 2.13.3 are affected. Users are encouraged to upgrade to version 2.13.4, 2.12.10, or 2.11.13 to mitigate the issue.
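
To check a deployment against the versions listed above, the following added example (not part of the original article or of the Argo CD project) classifies a version string such as the one `argocd version` reports. The function name, the output format, and the handling of release lines older than 2.11 are assumptions made for illustration.

```shell
# Added example: classify an Argo CD version against CVE-2025-23216 using only
# the numbers the article states (affected up to 2.13.3; fixed in 2.13.4,
# 2.12.10 and 2.11.13). Prints "ok" (exit 0), "affected <upgrade target>"
# (exit 1) or "unparseable" (exit 2). The function name is hypothetical.
argocd_cve_2025_23216() {
    _v=${1#v}        # accept "v2.13.3" as well as "2.13.3"
    _v=${_v%%+*}     # drop build metadata such as "+abc1234"
    # Require exactly MAJOR.MINOR.PATCH; pre-releases ("-rc1") are rejected
    # rather than guessed at.
    case $_v in
        *.*.*.*) echo unparseable; return 2 ;;
        *.*.*) ;;
        *) echo unparseable; return 2 ;;
    esac
    _major=${_v%%.*}; _rest=${_v#*.}
    _minor=${_rest%%.*}; _patch=${_rest#*.}
    for _p in "$_major" "$_minor" "$_patch"; do
        case $_p in
            ''|*[!0-9]*|0?*) echo unparseable; return 2 ;;
        esac
    done
    # Anything newer than the 2.13 line is outside the range the article gives.
    if [ "$_major" -gt 2 ] || { [ "$_major" -eq 2 ] && [ "$_minor" -gt 13 ]; }; then
        echo ok; return 0
    fi
    # First fixed patch release per release line, as listed in the article.
    _fixed=
    if [ "$_major" -eq 2 ]; then
        case $_minor in
            13) _fixed=4 ;;
            12) _fixed=10 ;;
            11) _fixed=13 ;;
        esac
    fi
    if [ -z "$_fixed" ]; then
        # Older line: the article names no fix for it. Assumption: point at the
        # lowest fixed release it lists.
        echo "affected 2.11.13"; return 1
    fi
    if [ "$_patch" -ge "$_fixed" ]; then
        echo ok; return 0
    fi
    echo "affected 2.$_minor.$_fixed"; return 1
}
```

The non-zero exit status on an affected version lets the function gate a CI or inventory job directly.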
