An unpatched Argo CD vulnerability demonstrates that GitOps platforms must protect internal cluster access with the same security rigor as external exposure, because any compromised pod can directly execute code and manipulate deployments.
An unpatched security flaw in Argo CD’s repo-server component allows network-accessible attackers to execute code with potential for complete cluster compromise.