CVE

CVE-2025-59537

argo-cd vulnerable unauthenticated DoS via malformed Gogs webhook payload in github.com/argoproj/argo-cd

Back to all

CVE

CVE-2025-59537

argo-cd vulnerable unauthenticated DoS via malformed Gogs webhook payload in github.com/argoproj/argo-cd

Package Versions Affected

No items found.

Automatically patch vulnerabilities without upgrading

Fix Without Upgrading

Detect compatible fix

Apply safe remediation

Fix with a single pull request

CVSS Version

7.5

3.1

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.5

3.1

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Related Resources

No items found.

References

https://github.com/argoproj/argo-cd/security/advisories/GHSA-wp4p-9pxh-cgx2, https://nvd.nist.gov/vuln/detail/CVE-2025-59537, https://github.com/argoproj/argo-cd/commit/761fc27068d2d4cd24e1f784eb2a9033b5ee7f43

Severity

7.5

CVSS Score

Basic Information

Ecosystem

Base CVSS

7.5

EPSS Probability

0.00142%

EPSS Percentile

0.34848%

Introduced Version

3.2.0-rc1,1.2.0,2.0.0-rc1,v3.2.0-rc1,v3.1.0-rc1,v3.0.0-20250326122706-2fbace3fe7b2,v3.0.0-rc1,v3.0.0-20250110211400-4d9835927d8d,v2.0.0-rc1,v2.0.0-20210401184418-ae49b4524920,v1.2.0-rc1,v0.0.0-20190624234044-60fedf098500

Fix Available

3.2.0-rc2,2.14.20,v3.2.0-rc2,v3.1.8,v3.0.0-20250930144532-761fc27068d2,v3.0.19,v3.0.0-20250930144532-f60a9441a7a5,v2.14.20,v2.0.0-20250930144532-741f00e2e354

Fix Critical Vulnerabilities Instantly

Secure your app without upgrading.

Fix Without Upgrading

Get a Demo

Let's Patch It!

CVE-2025-59537

CVE-2025-59537

Package Versions Affected

Automatically patch vulnerabilities without upgrading

CVSS Version

Related Resources

References

Severity

7.5

Basic Information

Fix Critical Vulnerabilities Instantly