How severe is CVE-2022-31016?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.5 out of 10.

What type of vulnerability is CVE-2022-31016?

This is classified as CWE-400, which is a common weakness in software security.

CVE-2022-31016 - MEDIUM Severity | CVSS 6.5

Vulnerability Description

Argo CD is a declarative continuous deployment for Kubernetes. Argo CD versions v0.7.0 and later are vulnerable to an uncontrolled memory consumption bug, allowing an authorized malicious user to crash the repo-server service, resulting in a Denial of Service. The attacker must be an authenticated Argo CD user authorized to deploy Applications from a repository which contains (or can be made to contain) a large file. The fix for this vulnerability is available in versions 2.3.5, 2.2.10, 2.1.16, and later. There are no known workarounds. Users are recommended to upgrade.

Related Vulnerabilities

CVE-2006-6017

MEDIUM

CVSS:6.5(Medium)

WordPress before 2.0.5 does not properly store a profile containing a string representation of a serialized object, which allows remote authenticated users to cause a denial of service (application cr...

CWE-4002006

CVE-2011-1459

MEDIUM

CVSS:6.5(Medium)

The WebKit::WebPluginContainerImpl::handleEvent function in Google Chrome before Blink M11 allows an attacker to cause a denial of service (crash) via the htmlpluginelement.cpp plugin.

CWE-4002011

CVE-2012-0260

MEDIUM

CVSS:6.5(Medium)

The JPEGWarningHandler function in coders/jpeg.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (memory consumption) via a JPEG image with a crafted sequence of res...

CWE-4002012

CVE-2012-4863

MEDIUM

CVSS:6.5(Medium)

IBM WebSphere MQ 7.1 and 7.5: Queue manager has a DoS vulnerability

CWE-4002012

CVE-2014-3672

MEDIUM

CVSS:6.5(Medium)

The qemu implementation in libvirt before 1.3.0 and Xen allows local guest OS users to cause a denial of service (host disk consumption) by writing to stdout or stderr.

CWE-4002014

CVE-2014-7813

MEDIUM

CVSS:6.5(Medium)

Red Hat CloudForms 3 Management Engine (CFME) allows remote authenticated users to cause a denial of service (resource consumption) via vectors involving calls to the .to_sym rails function and lack o...

CWE-4002014