CVSS: 7.8EPSS: 2%CPEs: 3EXPL: 0CVE-2024-40634 – Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint
https://notcve.org/view.php?id=CVE-2024-40634
22 Jul 2024 — Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. This report details a security vulnerability in Argo CD, where an unauthenticated attacker can send a specially crafted large JSON payload to the /api/webhook endpoint, causing excessive memory allocation that leads to service disruption by triggering an Out Of Memory (OOM) kill. The issue poses a high risk to the availability of Argo CD deployments. This vulnerability is fixed in 2.11.6, 2.10.15, and 2.9.20. Argo CD es una herramient... • https://github.com/argoproj/argo-cd/commit/46c0c0b64deaab1ece70cb701030b76668ad0cdc • CWE-400: Uncontrolled Resource Consumption •
CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0CVE-2024-36106 – Argo CD allows authenticated users to enumerate clusters by name
https://notcve.org/view.php?id=CVE-2024-36106
06 Jun 2024 — Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. It’s possible for authenticated users to enumerate clusters by name by inspecting error messages. It’s also possible to enumerate the names of projects with project-scoped clusters if you know the names of the clusters. This vulnerability is fixed in 2.11.3, 2.10.12, and 2.9.17. Argo CD es una herramienta declarativa de entrega continua de GitOps para Kubernetes. • https://github.com/argoproj/argo-cd/commit/c2647055c261a550e5da075793260f6524e65ad9 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 9.6EPSS: 8%CPEs: 5EXPL: 1CVE-2024-31989 – ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache
https://notcve.org/view.php?id=CVE-2024-31989
21 May 2024 — Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. It has been discovered that an unprivileged pod in a different namespace on the same cluster could connect to the Redis server on port 6379. Despite having installed the latest version of the VPC CNI plugin on the EKS cluster, it requires manual enablement through configuration to enforce network policies. This raises concerns that many clients might unknowingly have open access to their Redis servers. This vulnerability could lead to... • https://github.com/vt0x78/CVE-2024-31989 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm CWE-1240: Use of a Cryptographic Primitive with a Risky Implementation •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-21662 – Argo CD vulnerable to Bypassing of Rate Limit and Brute Force Protection Using Cache Overflow
https://notcve.org/view.php?id=CVE-2024-21662
18 Mar 2024 — Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Prior to versions 2.8.13, 2.9.9, and 2.10.4, an attacker can effectively bypass the rate limit and brute force protections by exploiting the application's weak cache-based mechanism. This loophole in security can be combined with other vulnerabilities to attack the default admin account. This flaw undermines a patch for CVE-2020-8827 intended to protect against brute-force attacks. The application's brute force protection relies on a ... • https://argo-cd.readthedocs.io/en/stable/security_considerations/#cve-2020-8827-insufficient-anti-automationanti-brute-force • CWE-307: Improper Restriction of Excessive Authentication Attempts •
CVSS: 7.8EPSS: 1%CPEs: 3EXPL: 0CVE-2024-21661 – Argo CD Denial of Service (DoS) Vulnerability Due to Unsafe Array Modification in Multi-threaded Environment
https://notcve.org/view.php?id=CVE-2024-21661
18 Mar 2024 — Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Prior to versions 2.8.13, 2.9.9, and 2.10.4, an attacker can exploit a critical flaw in the application to initiate a Denial of Service (DoS) attack, rendering the application inoperable and affecting all users. The issue arises from unsafe manipulation of an array in a multi-threaded environment. The vulnerability is rooted in the application's code, where an array is being modified while it is being iterated over. This is a classic ... • https://github.com/argoproj/argo-cd/blob/54601c8fd30b86a4c4b7eb449956264372c8bde0/util/session/sessionmanager.go#L302-L311 • CWE-567: Unsynchronized Access to Shared Data in a Multithreaded Context CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-21652 – Argo CD vulnerable to Bypassing of Brute Force Protection via Application Crash and In-Memory Data Loss
https://notcve.org/view.php?id=CVE-2024-21652
18 Mar 2024 — Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Prior to versions 2.8.13, 2.9.9, and 2.10.4, an attacker can exploit a chain of vulnerabilities, including a Denial of Service (DoS) flaw and in-memory data storage weakness, to effectively bypass the application's brute force login protection. This is a critical security vulnerability that allows attackers to bypass the brute force login protection mechanism. Not only can they crash the service affecting all users, but they can also ... • https://github.com/argoproj/argo-cd/security/advisories/GHSA-x32m-mvfj-52xv • CWE-307: Improper Restriction of Excessive Authentication Attempts •
CVSS: 9.0EPSS: 0%CPEs: 3EXPL: 0CVE-2024-28175 – Cross-site scripting on application summary component in argo-cd
https://notcve.org/view.php?id=CVE-2024-28175
13 Mar 2024 — Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Due to the improper URL protocols filtering of links specified in the `link.argocd.argoproj.io` annotations in the application summary component, an attacker can achieve cross-site scripting with elevated permissions. All unpatched versions of Argo CD starting with v1.0.0 are vulnerable to a cross-site scripting (XSS) bug allowing a malicious user to inject a javascript: link in the UI. When clicked by a victim user, the script will e... • https://github.com/argoproj/argo-cd/commit/479b5544b57dc9ef767d49f7003f39602c480b71 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.3EPSS: 0%CPEs: 4EXPL: 1CVE-2024-22424 – Cross-Site Request Forgery (CSRF) in github.com/argoproj/argo-cd
https://notcve.org/view.php?id=CVE-2024-22424
19 Jan 2024 — Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. The Argo CD API prior to versions 2.10-rc2, 2.9.4, 2.8.8, and 2.7.15 are vulnerable to a cross-server request forgery (CSRF) attack when the attacker has the ability to write HTML to a page on the same parent domain as Argo CD. A CSRF attack works by tricking an authenticated Argo CD user into loading a web page which contains code to call Argo CD API endpoints on the victim’s behalf. For example, an attacker could send an Argo CD use... • https://github.com/argoproj/argo-cd/issues/2496 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-40026 – Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server
https://notcve.org/view.php?id=CVE-2023-40026
27 Sep 2023 — Argo CD is a declarative continuous deployment framework for Kubernetes. In Argo CD versions prior to 2.3 (starting at least in v0.1.0, but likely in any version using Helm before 2.3), using a specifically-crafted Helm file could reference external Helm charts handled by the same repo-server to leak values, or files from the referenced Helm Chart. This was possible because Helm paths were predictable. The vulnerability worked by adding a Helm chart that referenced Helm resources from predictable paths. Bec... • https://argo-cd.readthedocs.io/en/stable/operator-manual/installation/#supported-versions • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 5.3EPSS: 1%CPEs: 3EXPL: 0CVE-2022-41354 – ArgoCD: Authenticated but unauthorized users may enumerate Application names via the API
https://notcve.org/view.php?id=CVE-2022-41354
24 Mar 2023 — An access control issue in Argo CD v2.4.12 and below allows unauthenticated attackers to enumerate existing applications. An information disclosure flaw was found in Argo CD. This issue may allow unauthorized users to enumerate application names by inspecting API error messages and could use the discovered application names as the starting point of another attack. For example, the attacker might use their knowledge of an application name to convince an administrator to grant higher privileges. An update is ... • http://argo.com • CWE-203: Observable Discrepancy •