The vulnerability of the expireOldFailedAttempts() function in the declarative tool for continuous delivery in GitOps for Kubernetes Argo CD allows a attacker to trigger a service failure.

The vulnerability of the expireOldFailedAttempts function in the GitOps continuous delivery declarative tool for Kubernetes Argo CD is related to an operation going beyond the buffer in memory. Exploiting this vulnerability could allow a malicious actor to trigger a service failure...

CVE-2024-21661

A flaw was found in Argo CD that may result in a remote denial of service. The expireOldFailedAttempts function modifies an array while it is being iterated over. This issue may cause an application crash when executed in a multi-threaded environment if two threads interact with the same array...

PT-2024-2316 · Argo Cd · Argo Cd

Name of the Vulnerable Software and Affected Versions: Argo CD versions prior to 2.8.13 Argo CD versions prior to 2.9.9 Argo CD versions prior to 2.10.4 Description: The issue arises from unsafe manipulation of an array in a multi-threaded environment, where an array is being modified while it is...