2 matches found
PT-2026-36558
Name of the Vulnerable Software and Affected Versions Argo CD versions 3.2.0 through 3.2.10 Argo CD versions 3.3.0 through 3.3.8 Description The 'ServerSideDiff' endpoint allows the disclosure of cleartext Kubernetes Secret data. This occurs when the IncludeMutationWebhook variable is set to true...
Integer Overflow or Wraparound
Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound in the genericunpack function when parsing EXR files containing a crafted negative value for dataWindow.min.x. An attacker can cause the process to terminate unexpectedly by supplying a specially crafted E...