Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences

Impact DoS vuln via OOM using jq in ignoreDifferences. ignoreDifferences: - group: apps kind: Deployment jqPathExpressions: - 'untiltrue == false; . + 1' Patches A patch for this vulnerability has been released in the following Argo CD versions: v2.10.8 v2.9.13 v2.8.17 For more information If you...

Vite before v2.9.13 vulnerable to directory traversal via crafted URL to victim's service

Vite before v2.9.13 was discovered to allow attackers to perform a directory traversal via a crafted URL to the victim's service...