3 matches found
Helm Charts with Specific JSON Schema Values Can Cause Memory Exhaustion
A Helm contributor discovered that it was possible to craft a JSON Schema file in a manner which could cause Helm to use all available memory and have an out of memory OOM termination. Impact A malicious chart can point $ref in values.schema.json to a device e.g. /dev/ or other problem file which...
Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint
Summary This report details a security vulnerability in Argo CD, where an unauthenticated attacker can send a specially crafted large JSON payload to the /api/webhook endpoint, causing excessive memory allocation that leads to service disruption by triggering an Out Of Memory OOM kill. The issue...
GHSA-JHWX-MHWW-RGC3 ArgoCD's repo server has Uncontrolled Resource Consumption vulnerability
Impact All versions of ArgoCD starting from v2.4 have a bug where the ArgoCD repo-server component is vulnerable to a Denial-of-Service attack vector. Specifically, it's possible to crash the repo server component through an out of memory error by pointing it to a malicious Helm registry. The...