Page 3 of 24 results (0.005 seconds)

CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0

Argo CD is a declarative continuous deployment for Kubernetes. Argo CD versions v0.7.0 and later are vulnerable to an uncontrolled memory consumption bug, allowing an authorized malicious user to crash the repo-server service, resulting in a Denial of Service. The attacker must be an authenticated Argo CD user authorized to deploy Applications from a repository which contains (or can be made to contain) a large file. The fix for this vulnerability is available in versions 2.3.5, 2.2.10, 2.1.16, and later. There are no known workarounds. • https://github.com/argoproj/argo-cd/security/advisories/GHSA-jhqp-vf4w-rpwq https://access.redhat.com/security/cve/CVE-2022-31016 https://bugzilla.redhat.com/show_bug.cgi?id=2096283 • CWE-400: Uncontrolled Resource Consumption CWE-770: Allocation of Resources Without Limits or Throttling •

CVSS: 4.3EPSS: 0%CPEs: 4EXPL: 0

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. All versions of Argo CD starting with v1.3.0 are vulnerable to a symlink following bug allowing a malicious user with repository write access to leak sensitive YAML files from Argo CD's repo-server. A malicious Argo CD user with write access for a repository which is (or may be) used in a Helm-type Application may commit a symlink which points to an out-of-bounds file. If the target file is a valid YAML file, the attacker can read the contents of that file. Sensitive files which could be leaked include manifest files from other Applications' source repositories (potentially decrypted files, if you are using a decryption plugin) or any YAML-formatted secrets which have been mounted as files on the repo-server. • https://github.com/argoproj/argo-cd/commit/04c305396458508a31d03d44afea07b1c620d7cd https://github.com/argoproj/argo-cd/security/advisories/GHSA-q4w5-4gq2-98vm https://access.redhat.com/security/cve/CVE-2022-31036 https://bugzilla.redhat.com/show_bug.cgi?id=2096291 • CWE-20: Improper Input Validation CWE-59: Improper Link Resolution Before File Access ('Link Following') CWE-61: UNIX Symbolic Link (Symlink) Following •

CVSS: 9.0EPSS: 0%CPEs: 4EXPL: 0

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. All versions of Argo CD starting with v1.0.0 are vulnerable to a cross-site scripting (XSS) bug allowing a malicious user to inject a `javascript:` link in the UI. When clicked by a victim user, the script will execute with the victim's permissions (up to and including admin). The script would be capable of doing anything which is possible in the UI or via the API, such as creating, modifying, and deleting Kubernetes resources. A patch for this vulnerability has been released in the following Argo CD versions: v2.4.1, v2.3.5, v2.2.10 and v2.1.16. • https://argo-cd.readthedocs.io/en/stable/user-guide/external-url https://github.com/argoproj/argo-cd/commit/8bc3ef690de29c68a36f473908774346a44d4038 https://github.com/argoproj/argo-cd/security/advisories/GHSA-h4w9-6x78-8vrj https://access.redhat.com/security/cve/CVE-2022-31035 https://bugzilla.redhat.com/show_bug.cgi?id=2096278 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) •

CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Argo CD starting with version 0.7.0 and prior to versions 2.1.15m 2.2.9, and 2.3.4 is vulnerable to a symlink following bug allowing a malicious user with repository write access to leak sensitive files from Argo CD's repo-server. A malicious Argo CD user with write access for a repository which is (or may be) used in a directory-type Application may commit a symlink which points to an out-of-bounds file. Sensitive files which could be leaked include manifest files from other Applications' source repositories (potentially decrypted files, if you are using a decryption plugin) or any JSON-formatted secrets which have been mounted as files on the repo-server. A patch for this vulnerability has been released in Argo CD versions 2.3.4, 2.2.9, and 2.1.15. • https://github.com/argoproj/argo-cd/releases/tag/v2.1.15 https://github.com/argoproj/argo-cd/releases/tag/v2.2.9 https://github.com/argoproj/argo-cd/releases/tag/v2.3.4 https://github.com/argoproj/argo-cd/security/advisories/GHSA-6gcg-hp2x-q54h https://access.redhat.com/security/cve/CVE-2022-24904 https://bugzilla.redhat.com/show_bug.cgi?id=2081691 • CWE-59: Improper Link Resolution Before File Access ('Link Following') CWE-61: UNIX Symbolic Link (Symlink) Following CWE-787: Out-of-bounds Write •

CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. A vulnerability was found in Argo CD prior to versions 2.3.4, 2.2.9, and 2.1.15 that allows an attacker to spoof error messages on the login screen when single sign on (SSO) is enabled. In order to exploit this vulnerability, an attacker would have to trick the victim to visit a specially crafted URL which contains the message to be displayed. As far as the research of the Argo CD team concluded, it is not possible to specify any active content (e.g. Javascript) or other HTML fragments (e.g. clickable links) in the spoofed message. • https://github.com/argoproj/argo-cd/releases/tag/v2.1.15 https://github.com/argoproj/argo-cd/releases/tag/v2.2.9 https://github.com/argoproj/argo-cd/releases/tag/v2.3.4 https://github.com/argoproj/argo-cd/security/advisories/GHSA-xmg8-99r8-jc2j https://access.redhat.com/security/cve/CVE-2022-24905 https://bugzilla.redhat.com/show_bug.cgi?id=2081689 • CWE-20: Improper Input Validation CWE-290: Authentication Bypass by Spoofing •