CNNVD-202510-013 Information
CNNVD ID
CNNVD-202510-013
Related CVE
- CNNVD Published: 2025-10-01
Description (Chinese)
Argo CD是Argo开源的一个用于Kubernetes的声明性GitOps连续交付工具。 Argo CD存在代码问题漏洞,该漏洞源于恶意API请求未正确处理,可能导致API服务器崩溃和拒绝服务。以下版本受到影响:1.8.7及之前版本、2.14.19及之前版本、3.2.0-rc1及之前版本、3.1.7版本和3.0.18版本
Description (English)
Argo CD is a declaratory Gitops continuum delivery tool for Kubernetes, an open source of Argo. Argo CDs have a code gap, which stems from the fact that malicious API requests have not been properly addressed and could lead to the collapse of the API server and the denial of services. The following versions were affected: 1.8.7 and earlier, 2.14.19 and earlier, 3.2.0-rc1 and earlier, 3.1.7 and 3.0.18
Hazard Level
Medium
Vulnerability Type
代码问题
Affected Vendor
Argo
Published
2025-10-01
Last Modified
2026-02-24
References
https://github.com/argoproj/argo-cd/commit/761fc27068d2d4cd24e1f784eb2a9033b5ee7f43 https://github.com/argoproj/argo-cd/security/advisories/GHSA-wp4p-9pxh-cgx2
Patch
https://argo-cd.readthedocs.io/en/stable/
Share on: