Affected by GO-2022-0304 and 18 other vulnerabilities

GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd

GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd

GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd

GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd

GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd

GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd

GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd

GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd

GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd

GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd

GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd

GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd

GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd

GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd

GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd

GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd

GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd

GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd

GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd

cache

package

v2.0.0-rc3 Latest Latest Go to latest Published: Apr 2, 2021 License: Apache-2.0 Imports: 9 Imported by: 3

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/argoproj/argo-cd

Documentation ¶

Index ¶

Variables
func AddCacheFlagsToCmd(cmd *cobra.Command, opts ...func(client *redis.Client)) func() (*Cache, error)
type Cache
- func NewCache(cache *appstatecache.Cache, connectionStatusCacheExpiration time.Duration, ...) *Cache

Constants ¶

This section is empty.

Variables ¶

View Source

var ErrCacheMiss = appstatecache.ErrCacheMiss

Functions ¶

func AddCacheFlagsToCmd ¶

func AddCacheFlagsToCmd(cmd *cobra.Command, opts ...func(client *redis.Client)) func() (*Cache, error)

Types ¶

type Cache ¶

type Cache struct {
	// contains filtered or unexported fields
}

func NewCache ¶

func NewCache(
	cache *appstatecache.Cache,
	connectionStatusCacheExpiration time.Duration,
	oidcCacheExpiration time.Duration,
	loginAttemptsExpiration time.Duration,
) *Cache

func (*Cache) GetAppManagedResources ¶

func (c *Cache) GetAppManagedResources(appName string, res *[]*appv1.ResourceDiff) error

func (*Cache) GetAppResourcesTree ¶

func (c *Cache) GetAppResourcesTree(appName string, res *appv1.ApplicationTree) error

func (*Cache) GetCache ¶

func (c *Cache) GetCache() *cacheutil.Cache

func (*Cache) GetClusterInfo ¶

func (c *Cache) GetClusterInfo(server string, res *appv1.ClusterInfo) error

func (*Cache) GetOIDCState ¶

func (c *Cache) GetOIDCState(key string) (*oidc.OIDCState, error)

func (*Cache) GetRepoConnectionState ¶

func (c *Cache) GetRepoConnectionState(repo string) (appv1.ConnectionState, error)

func (*Cache) OnAppResourcesTreeChanged ¶

func (c *Cache) OnAppResourcesTreeChanged(ctx context.Context, appName string, callback func() error) error

func (*Cache) SetClusterInfo ¶

func (c *Cache) SetClusterInfo(server string, res *appv1.ClusterInfo) error

func (*Cache) SetOIDCState ¶

func (c *Cache) SetOIDCState(key string, state *oidc.OIDCState) error

func (*Cache) SetRepoConnectionState ¶

func (c *Cache) SetRepoConnectionState(repo string, state *appv1.ConnectionState) error

Source Files ¶

View all Source files

cache.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL