CLEANSTART-2026-WQ07901

Import Source

https://github.com/cleanstart-dev/cleanstart-security-advisories/blob/main/advisories/2026/CLEANSTART-2026-WQ07901.json

JSON Data

https://api.test.osv.dev/v1/vulns/CLEANSTART-2026-WQ07901

Upstream

CVE-2025-47913

CVE-2025-47914

CVE-2025-55190

CVE-2025-55191

CVE-2025-58181

CVE-2025-58183

CVE-2025-58185

CVE-2025-58187

CVE-2025-58188

CVE-2025-58189

CVE-2025-59537

CVE-2025-59538

CVE-2025-61723

CVE-2025-61724

CVE-2025-61725

GHSA-2v5j-vhc3-9cwm

GHSA-2vgg-9h3w-qbr4

GHSA-2xsj-vh29-9cwm

GHSA-3wgm-2mw2-vh5m

GHSA-4x4m-3c2p-qppc

GHSA-6v2p-p543-phr9

GHSA-92cp-5422-2m47

GHSA-93mq-9ffx-83m2

GHSA-f6x5-jh6r-wrfv

GHSA-hj2p-8wj8-pfq4

GHSA-j5w8-q4qc-rx2x

GHSA-mh63-6h87-95cp

GHSA-mw99-9chc-xw7r

Published

2026-01-30T16:01:54.911193Z

Modified

2026-01-29T18:58:54Z

Severity

9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process

Details

Multiple security vulnerabilities affect the argo-cd-fips package. SSH clients receiving SSHAGENTSUCCESS when expecting a typed response will panic and cause early termination of the client process. See references for individual vulnerability details.

References

Affected packages

CleanStart / argo-cd-fips

Package

Name: argo-cd-fips

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.2.1-r0

Database specific

source

"https://github.com/cleanstart-dev/cleanstart-security-advisories/blob/main/advisories/2026/CLEANSTART-2026-WQ07901.json"