CVE-2025-59537 | argoproj argo-cd up to 1.8.7/2.14.19/3.0.18/3.1.7/3.2.0-rc1 API Request /api/webhook commits[].repo denial of service (GHSA-wp4p-9pxh-cgx2)

A vulnerability, which was classified as problematic, was found in argoproj argo-cd up to 1.8.7/2.14.19/3.0.18/3.1.7/3.2.0-rc1. Affected by this vulnerability is an unknown functionality of the file /api/webhook of the component API Request Handler. Such manipulation of the argument commits[].repo leads to denial of service.

This vulnerability is listed as CVE-2025-59537. The attack may be performed from remote. There is no available exploit.

You should upgrade the affected component.VulDB Recent EntriesRead More