Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4
CVSSv2

CVE-2022-31016

Published: 25/06/2022 Updated: 21/07/2023
CVSS v2 Base Score: 4 | Impact Score: 2.9 | Exploitability Score: 8
CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8
VMScore: 356
Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P
Subscribe to Linuxfoundation

Vulnerability Summary

Argo CD is a declarative continuous deployment for Kubernetes. Argo CD versions v0.7.0 and later are vulnerable to an uncontrolled memory consumption bug, allowing an authorized malicious user to crash the repo-server service, resulting in a Denial of Service. The attacker must be an authenticated Argo CD user authorized to deploy Applications from a repository which contains (or can be made to contain) a large file. The fix for this vulnerability is available in versions 2.3.5, 2.2.10, 2.1.16, and later. There are no known workarounds. Users are recommended to upgrade.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

linuxfoundation argo-cd

Vendor Advisories

Red Hat: Important: Red Hat OpenShift GitOps security update
Synopsis Important: Red Hat OpenShift GitOps security update Type/Severity Security Advisory: Important Topic An update is now available for Red Hat OpenShift GitOps 15Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed sever ...
Red Hat: Important: Red Hat OpenShift GitOps security update
Synopsis Important: Red Hat OpenShift GitOps security update Type/Severity Security Advisory: Important Topic An update is now available for Red Hat OpenShift GitOps 14Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed sever ...
Red Hat: Important: Red Hat OpenShift GitOps security update
Synopsis Important: Red Hat OpenShift GitOps security update Type/Severity Security Advisory: Important Topic An update is now available for Red Hat OpenShift GitOps 13 on OpenShift 46Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base score, which gives ...
Red Hat: Important: Red Hat OpenShift GitOps security update
Synopsis Important: Red Hat OpenShift GitOps security update Type/Severity Security Advisory: Important Topic An update is now available for Red Hat OpenShift GitOps 13Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed sever ...
Red Hat:
Argo CD is a declarative continuous deployment for Kubernetes Argo CD versions v070 and later are vulnerable to an uncontrolled memory consumption bug, allowing an authorized malicious user to crash the repo-server service, resulting in a Denial of Service The attacker must be an authenticated Argo CD user authorized to deploy Applications from ...

References

CWE-770https://github.com/argoproj/argo-cd/security/advisories/GHSA-jhqp-vf4w-rpwqhttps://nvd.nist.govhttps://access.redhat.com/errata/RHSA-2022:5152
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581reflected XSSCVE-2024-26925CVE-2024-27956LFICVE-2024-3607CVE-2024-3107CVE-2024-3295SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook