CVSS3
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: HIGH
Vector string: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score
Confidence: High

EPSS
Percentile: 15.5%
The ArgoCD repo-server component is vulnerable to a denial of service attack: it is possible to crash the repo-server through an out-of-memory error by pointing it at a malicious Helm registry. The loadRepoIndex() function in ArgoCD's helm package limits neither the size of the response nor the time spent fetching it; it reads the retrieved data into a single byte slice in one go. If the registry is implemented to push data continuously, the repo server keeps allocating memory until it runs out.
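The following Go program is an added illustration of the defect class described above and of the standard mitigation; it is not Argo CD's own code, and the limit and timeout values (maxIndexBytes, fetchTimeout) are hypothetical, since this page does not state the values the linked fix commits chose. fetchIndexUnbounded reproduces the "read the whole body into one slice" pattern; fetchIndexBounded wraps the body in io.LimitReader and puts a context deadline on the request. The hostile registry is a constructed httptest server that streams a finite 4 MiB so the unbounded variant terminates in the demo, whereas a real endless stream would not.

```go
package main

import (
	"context"
	"errors"
	"fmt"
	"io"
	"net/http"
	"net/http/httptest"
	"time"
)

// Hypothetical limits for this example; the page does not state Argo CD's values.
const (
	maxIndexBytes = 1 << 20 // cap on bytes buffered from a Helm index document
	fetchTimeout  = 300 * time.Millisecond
)

var ErrIndexTooLarge = errors.New("helm index exceeds size limit")

// fetchIndexUnbounded follows the pattern the advisory describes: the whole
// body is read into one byte slice with no size or time limit, so a registry
// that keeps sending data makes the caller keep allocating.
func fetchIndexUnbounded(url string) ([]byte, error) {
	resp, err := http.Get(url)
	if err != nil {
		return nil, err
	}
	defer resp.Body.Close()
	return io.ReadAll(resp.Body)
}

// fetchIndexBounded is the hardened form: a deadline on the whole request and
// a cap on buffered bytes. It reads limit+1 bytes so a body exactly at the
// limit can be told apart from one that had to be cut off.
func fetchIndexBounded(ctx context.Context, url string, limit int64, timeout time.Duration) ([]byte, error) {
	ctx, cancel := context.WithTimeout(ctx, timeout)
	defer cancel()
	req, err := http.NewRequestWithContext(ctx, http.MethodGet, url, nil)
	if err != nil {
		return nil, err
	}
	resp, err := http.DefaultClient.Do(req)
	if err != nil {
		return nil, err
	}
	defer resp.Body.Close()
	if resp.StatusCode != http.StatusOK {
		return nil, fmt.Errorf("unexpected status %d", resp.StatusCode)
	}
	data, err := io.ReadAll(io.LimitReader(resp.Body, limit+1))
	if err != nil {
		return nil, err
	}
	if int64(len(data)) > limit {
		return nil, ErrIndexTooLarge
	}
	return data, nil
}

// streamingHandler is a constructed stand-in for a hostile registry: it sends
// `chunks` chunks of `chunkSize` bytes with `delay` between them and stops
// early once the client is gone. The finite count only keeps the demo terminating.
func streamingHandler(chunks, chunkSize int, delay time.Duration) http.HandlerFunc {
	return func(w http.ResponseWriter, r *http.Request) {
		chunk := make([]byte, chunkSize)
		flusher, _ := w.(http.Flusher)
		for i := 0; i < chunks; i++ {
			select {
			case <-r.Context().Done():
				return
			case <-time.After(delay):
			}
			if _, err := w.Write(chunk); err != nil {
				return
			}
			if flusher != nil {
				flusher.Flush()
			}
		}
	}
}

// DemoResult records what each strategy did against the constructed servers.
type DemoResult struct {
	UnboundedBytes int   // bytes the unbounded reader buffered from the flood
	FloodErr       error // bounded reader against the flood (expect ErrIndexTooLarge)
	SlowErr        error // bounded reader against a slow drip (expect deadline exceeded)
	BenignBytes    int   // bounded reader against a small, honest index
}

func runDemo() DemoResult {
	flood := httptest.NewServer(streamingHandler(64, 64*1024, 0)) // 4 MiB, as fast as possible
	defer flood.Close()
	slow := httptest.NewServer(streamingHandler(40, 1024, 50*time.Millisecond)) // ~2 s trickle
	defer slow.Close()
	benign := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		io.WriteString(w, "apiVersion: v1\nentries: {}\n") // constructed minimal index.yaml
	}))
	defer benign.Close()

	var res DemoResult
	data, _ := fetchIndexUnbounded(flood.URL)
	res.UnboundedBytes = len(data)
	_, res.FloodErr = fetchIndexBounded(context.Background(), flood.URL, maxIndexBytes, fetchTimeout)
	_, res.SlowErr = fetchIndexBounded(context.Background(), slow.URL, maxIndexBytes, fetchTimeout)
	if b, err := fetchIndexBounded(context.Background(), benign.URL, maxIndexBytes, fetchTimeout); err == nil {
		res.BenignBytes = len(b)
	}
	return res
}

func main() {
	res := runDemo()
	fmt.Printf("unbounded buffered %d bytes\n", res.UnboundedBytes)
	fmt.Printf("bounded vs flood: %v\nbounded vs slow drip: %v\n", res.FloodErr, res.SlowErr)
	fmt.Printf("bounded vs honest index: %d bytes\n", res.BenignBytes)
}
```

The size cap and the deadline address different halves of the problem: LimitReader stops a fast flood from growing the heap, and the context deadline stops a slow trickle from pinning a goroutine and its buffer indefinitely. Both are needed for a fetch of attacker-controlled data.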
bugzilla.redhat.com/show_bug.cgi?id=2272211
github.com/argoproj/argo-cd/commit/14f681e3ee7c38731943b98f92277e88a3db109d
github.com/argoproj/argo-cd/commit/36b8a12a38f8d92d55bffc81deed44389bf6eb59
github.com/argoproj/argo-cd/commit/3e5a878f6e30d935fa149723ea2a2e93748fcddd
github.com/argoproj/argo-cd/security/advisories/GHSA-jhwx-mhww-rgc3
nvd.nist.gov/vuln/detail/CVE-2024-29893
www.cve.org/CVERecord?id=CVE-2024-29893