CVE-2020-8828: 
Argo CD vulnerability analysis and mitigation

A Buffer Overflow issue was discovered in Kamailio before 4.4.7, 5.0.x before 5.0.6, and 5.1.x before 5.1.2. The vulnerability is tracked as CVE-2018-8828 and was discovered in March 2018 (NVD).

The vulnerability occurs when a specially crafted REGISTER message with a malformed branch or From tag triggers an off-by-one heap-based buffer overflow in the tmx_check_pretran function in modules/tmx/tmx_pretran.c. The vulnerability has a CVSS v3.0 Base Score of 9.8 (CRITICAL) with vector string CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (NVD).

The vulnerability allows remote attackers to potentially execute arbitrary code with elevated privileges due to the heap-based buffer overflow condition. The high severity score indicates that successful exploitation could lead to complete system compromise with high impacts on confidentiality, integrity, and availability (NVD).

Users should upgrade to Kamailio version 4.4.7 or later for the 4.4.x series, version 5.0.6 or later for the 5.0.x series, or version 5.1.2 or later for the 5.1.x series. The fix was implemented through a patch that addresses the buffer overflow condition (Enable Security, Kamailio Patch).