The vulnerability of the `loadRepoIndex()` function in the declarative tool for continuous delivery of GitOps for Kubernetes Argo CD allows a malicious actor to trigger a service failure.

The vulnerability of the loadRepoIndex function in the declarative tool for continuous delivery of GitOps for Kubernetes Argo CD is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

Denial Of Service (DoS)

github.com/argoproj/argo-cd/ is vulnerable to Denial Of Service. The vulnerability is due to the loadRepoIndex function in the ArgoCD's helm package, which lacks limitations on the size and time while fetching data. An attacker can point ArgoCD to a malicious Helm registry, which results in an ou...