CVE-2024-32476

Name of the Vulnerable Software and Affected Versions Argo CD versions prior to 2.10.8 Argo CD versions prior to 2.9.13 Argo CD versions prior to 2.8.17

Description The issue is related to a Denial of Service (DoS) vulnerability via Out of Memory (OOM) using jq in ignoreDifferences. This vulnerability can be exploited by a remote attacker, allowing them to cause a service disruption. The vulnerability is associated with uncontrolled resource consumption when processing the jqPathExpressions parameter.

Recommendations For versions prior to 2.10.8, update to version 2.10.8 or later. For versions prior to 2.9.13, update to version 2.9.13 or later. For versions prior to 2.8.17, update to version 2.8.17 or later. As a temporary workaround, consider restricting the use of the jqPathExpressions parameter in the ignoreDifferences configuration to minimize the risk of exploitation.