GO-2022-0304
and 18 other vulnerabilities
GO-2022-0304 : Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0357 : Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0358 : Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0359 : Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0453 : Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0455 : Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495 : DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497 : Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0498 : Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
GO-2022-0499 : Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0516 : Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0518 : Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2023-1520 : JWT audience claim is not verified in github.com/argoproj/argo-cd
GO-2023-1670 : Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-2085 : Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2792 : Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877 : ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898 : Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-3002 : Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Discover Packages
github.com/argoproj/argo-cd/v2
util
package
Version:
v2.0.0-rc3
Opens a new window with list of versions in this module.
Published: Apr 2, 2021
License: Apache-2.0
Opens a new window with license information.
Imports: 3
Opens a new window with list of imports.
Imported by: 1
Opens a new window with list of known importers.
Documentation
¶
MakeSignature generates a cryptographically-secure pseudo-random token, based on a given number of random bytes, for signing purposes.
Wait takes a check interval and timeout and waits for a function to return `true`.
Wait will return `true` on success and `false` on timeout.
The passed function, in turn, should pass `true` (or anything, really) to the channel when it's done.
Pass `0` as the timeout to run infinitely until completion.
¶
¶
app
normalizers
Code generated by github.com/argoproj/argo-cd/hack/known_types.
Code generated by github.com/argoproj/argo-cd/hack/known_types.
Utility functions for managing HTTPS server certificates and SSH known host entries for ArgoCD
Utility functions for managing HTTPS server certificates and SSH known host entries for ArgoCD
Click to show internal directories.
Click to hide internal directories.
Affected by 
Documentation
¶
Source Files
Directories
¶