
6 matches found

OSV
added 2025/10/06 8:54 a.m., 6 views

BIT-ARGO-CD-2025-59531 Unauthenticated argocd-server panic via a malicious Bitbucket-Server webhook payload

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Versions 1.2.0 through 1.8.7, 2.0.0 through 2.14.19, 3.0.0 through 3.2.0, 3.1.7 and 3.0.18 are vulnerable to malicious API requests which can crash the API server and cause denial of service to legitimate clients. Without a...

CVSS 7.5 | AI score 7.3 | EPSS 0.00536
Exploits: 1 | References: 3
Veracode
added 2025/01/31 10:30 a.m., 6 views

Unauthorized Rule Injection

ArgoCD is vulnerable to unauthorized rule injection. The vulnerability is due to improper namespace isolation, as the openshift.io/cluster-monitoring label is automatically applied to all namespaces deploying an ArgoCD CR instance, allowing them to create unauthorized PrometheusRule objects...

CVSS 8.2 | AI score 7 | EPSS 0.00199
Exploits: 0 | References: 6 | Affected Software: 1
CVE
added 2025/01/28 5:54 p.m., 133 views

CVE-2024-13484

Technical details for CVE-2024-13484 are not publicly provided in the connected documents. The SUSE advisories mention the CVE but do not supply affected products/versions or root-cause details. Monitor for updates.

CVSS 8.2 | AI score 8 | EPSS 0.00199
Exploits: 0 | References: 5
Veracode
added 2024/04/01 6:50 a.m., 2 views

Denial Of Service (DoS)

github.com/argoproj/argo-cd/ is vulnerable to Denial Of Service. The vulnerability is due to the loadRepoIndex function in ArgoCD's helm package, which lacks limits on size and time while fetching data. An attacker can point ArgoCD to a malicious Helm registry, which results in an ou...

CVSS 6.5 | AI score 6.3 | EPSS 0.00972
Exploits: 0 | References: 5 | Affected Software: 1
CNNVD
added 2022/07/12 12:0 a.m., 2 views

ArgoCD Trust Management Issue Vulnerability

ArgoCD is a software application. A declarative GitOps continuous delivery tool for Kubernetes. It continuously monitors running applications and compares the current live state with the desired target state e.g., configuration in the Git repository, automatically synchronizing and deploying...

CVSS 9.6 | AI score 8.2 | EPSS 0.00622
Exploits: 0 | References: 6
BDU FSTEC
added 2022/06/29 12:0 a.m., 2 views

The vulnerability of the application deployment automation tool in Kubernetes ArgoCD, related to writing beyond the buffer in memory, allows a malicious actor to write or modify any YAML file.

The vulnerability of the Kubernetes ArgoCD application deployment automation tool relates to writing beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a malicious actor to write or modify any YAML file...

CVSS 5.5 | AI score 5.6 | EPSS 0.00712
Exploits: 0 | References: 2 | Affected Software: 2