CVE-2024-40634 | argoproj argo-cd up to 2.9.19/2.10.14/2.11.5 /api/webhook resource consumption (GHSA-jmvp-698c-4x3w)

Posted by Angelo Barbosa | Jul 22, 2024 | CVE

A vulnerability was found in argoproj argo-cd up to 2.9.19/2.10.14/2.11.5 and classified as critical. Affected by this issue is some unknown functionality of the file /api/webhook. The manipulation leads to resource consumption.

This vulnerability is handled as CVE-2024-40634. The attack may be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-40634 | argoproj argo-cd up to 2.9.19/2.10.14/2.11.5 /api/webhook resource consumption (GHSA-jmvp-698c-4x3w)

Related Posts

CVE-2023-50550 | layui up to 2.74 data-content cross site scripting

CVE-2024-5353 | anji-plus AJ-Report up to 1.4.1 ZIP File decompress path traversal

CVE-2024-5800 | B&R Industrial Automation Automation Runtime up to 6.0.0 SSL/TLS inadequate encryption

CVE-2024-43825 | Linux Kernel up to 6.6.43/6.10.2 iio iio_gts_build_avail_time_table out-of-bounds (31ff8464ef54/b5046de32fd1/5acc3f971a01)