Argoproj: >> Argo Cd >> 2.8.15 Security Vulnerabilities
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. There is a Denial of Service (DoS) vulnerability via OOM using jq in ignoreDifferences. This vulnerability has been patched in version(s) 2.10.7, 2.9.12 and 2.8.16.
CVSS Score
6.5
EPSS Score
0.004
Published
2024-05-14
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. The API server does not enforce project sourceNamespaces which allows attackers to use the UI to edit resources which should only be mutable via gitops. This vulenrability is fixed in 2.10.7, 2.9.12, and 2.8.16.
CVSS Score
4.8
EPSS Score
0.001
Published
2024-04-15
Page 2