chore: Cherry pick CVE fixes released Sept 30

[todaywasawesome]

CVSS 7.5 (high) Unauthenticated argocd-server panic via a malicious Bitbucket-Server webhook payload
CVSS 7.5 (high) Unauthenticated Remote DoS in Argo CD via malformed Azure DevOps git.push webhook
CVSS 7.5 (high) Unauthenticated DoS due to lack of validation on pointer types
CVSS 6.5 (medium) Repository Credentials Race Condition Crashes Argo CD Server

Checklist:

• Either (a) I've created an enhancement proposal and discussed it with the community, (b) this is a bug fix, or (c) this does not need to be in the release notes.
• The title of the PR states what changed and the related issues number (used for the release note).
• The title of the PR conforms to the Toolchain Guide
• I've included "Closes [ISSUE #]" or "Fixes [ISSUE #]" in the description to automatically close the associated issue.
• I've updated both the CLI and UI to expose my feature, or I plan to submit a second PR with them.
• Does this PR require documentation updates?
• I've updated documentation as required by this PR.
• I have signed off all my commits as required by DCO
• I have written unit and/or e2e tests for my change. PRs without these are unlikely to be merged.
• My build is green (troubleshooting builds).
• My new feature complies with the feature status guidelines.
• I have added a brief description of why this PR is necessary and/or what this PR solves.
• Optional. My organization is added to USERS.md.
• Optional. For bug fixes, I've indicated what older releases this fix should be cherry-picked into (this may or may not happen depending on risk/complexity).

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.

📢 Thoughts on this report? Let us know!