Lucene search
GoogleOSV:CVE-2024-32476HistoryMay 14, 2024 - 3:36 p.m.
CVE-2024-32476
2024-05-1415:36:25
Google
osv.dev
9
argo cd
kubernetes
denial of service
dos vulnerability
oom
gitops
continuous delivery
cve-2024-32476
security patch
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
AI Score
6.8
Confidence
High
EPSS
0
Percentile
15.5%
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. There is a Denial of Service (DoS) vulnerability via OOM using jq in ignoreDifferences. This vulnerability has been patched in version(s) 2.10.7, 2.9.12 and 2.8.16.
References
Related
osv
osv
vulnrichment
vulnrichment
cve
cve
CVE-2024-32476
2024-05-14 15:36:25
nvd
nvd
CVE-2024-32476
2024-05-14 15:36:25
veracode
veracode
Denial Of Service (DoS)
2024-04-29 06:04:11
wolfi
wolfi
CVE-2024-32476 vulnerabilities
2024-09-27 09:13:12
cvelist
cvelist
cgr
cgr
CVE-2024-32476 vulnerabilities
2024-05-19 03:07:16
github
github
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
AI Score
6.8
Confidence
High
EPSS
0
Percentile
15.5%
Related for OSV:CVE-2024-32476