mocks

package
Go to main page

Versions in this module

v2
v2.14.0-rc6
Jan 21, 2025 GO-2025-3427
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.14.0-rc5
Jan 8, 2025 GO-2025-3427
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.14.0-rc4
Dec 23, 2024 GO-2025-3427
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.14.0-rc3
Dec 18, 2024 GO-2025-3427
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.14.0-rc2
Dec 17, 2024 GO-2025-3427
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.14.0-rc1
Dec 17, 2024 GO-2025-3427
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.13.3
Jan 3, 2025 GO-2025-3427
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.13.2
Dec 11, 2024 GO-2025-3427
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.13.1
Nov 20, 2024 GO-2025-3427
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.13.0
Sep 16, 2024 GO-2025-3427
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.13.0-rc5
Oct 18, 2024 GO-2025-3427
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.13.0-rc4
Oct 17, 2024 GO-2025-3427
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.13.0-rc3
Oct 7, 2024 GO-2025-3427
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.13.0-rc2
Sep 20, 2024 GO-2025-3427
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.13.0-rc1
Sep 16, 2024 GO-2025-3427
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.12.9
Jan 3, 2025 GO-2025-3427
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.12.8
Dec 11, 2024 GO-2025-3427
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.12.7
Nov 5, 2024 GO-2025-3427
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.12.6
Oct 18, 2024 GO-2025-3427
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.12.5
Oct 17, 2024 GO-2025-3427
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.12.4
Sep 26, 2024 GO-2025-3427
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.12.3
Aug 27, 2024 GO-2025-3427
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.12.2
Aug 23, 2024 GO-2025-3427
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.12.1
Aug 16, 2024 GO-2025-3427
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.12.0
Aug 5, 2024 GO-2025-3427
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
Changes in this version
type Client
v2.12.0-rc5
Aug 1, 2024 GO-2025-3427
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.12.0-rc4
Jul 15, 2024 GO-2025-3427
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.12.0-rc3
Jul 2, 2024 GO-2025-3427
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.12.0-rc2
Jun 24, 2024 GO-2025-3427
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.12.0-rc1
Jun 18, 2024 GO-2025-3427
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.11.12
Nov 5, 2024 GO-2025-3427
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.11.11
Oct 18, 2024 GO-2025-3427
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.11.10
Oct 17, 2024 GO-2025-3427
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.11.9
Sep 26, 2024 GO-2025-3427
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.11.8
Sep 11, 2024 GO-2025-3427
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.11.7
Jul 24, 2024 GO-2025-3427
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.11.6
Jul 22, 2024 GO-2024-3006 +1 more
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.11.5
Jul 15, 2024 GO-2024-3002 +2 more
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.11.4
Jul 2, 2024 GO-2024-3002 +2 more
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.11.3
Jun 6, 2024 GO-2024-3002 +2 more
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.11.2
May 23, 2024 GO-2024-2898 +4 more
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.11.1
May 21, 2024 GO-2024-2898 +4 more
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.11.0
May 7, 2024 GO-2024-2877 +5 more
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.11.0-rc3
Apr 29, 2024 GO-2024-2877 +1 more
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.11.0-rc2
Apr 15, 2024 GO-2024-2877 +1 more
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.11.0-rc1
Apr 5, 2024 GO-2024-2877 +1 more
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.10.18
Oct 17, 2024 GO-2025-3427
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.10.17
Sep 26, 2024 GO-2025-3427
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.10.16
Jul 24, 2024 GO-2025-3427
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.10.15
Jul 22, 2024 GO-2024-3006 +1 more
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.10.14
Jul 15, 2024 GO-2024-3002 +2 more
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.10.13
Jul 2, 2024 GO-2024-3002 +2 more
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.10.12
Jun 6, 2024 GO-2024-3002 +2 more
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.10.11
May 23, 2024 GO-2024-2898 +4 more
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.10.10
May 21, 2024 GO-2024-2898 +4 more
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.10.9
Apr 30, 2024 GO-2024-2877 +5 more
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.10.8
Apr 26, 2024 GO-2024-2877 +5 more
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.10.7
Apr 15, 2024 GO-2024-2792 +6 more
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.10.6
Apr 5, 2024 GO-2024-2728 +7 more
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.10.5
Mar 28, 2024 GO-2024-2728 +7 more
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.10.4
Mar 18, 2024 GO-2024-2667 +8 more
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.10.3
Mar 13, 2024 GO-2024-2652 +10 more
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.10.2
Mar 1, 2024 GO-2024-2643 +12 more
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.10.1
Feb 13, 2024 GO-2024-2643 +12 more
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.10.0
Feb 5, 2024 GO-2024-2643 +12 more
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.10.0-rc5
Feb 2, 2024 GO-2024-2877 +1 more
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.10.0-rc4
Jan 25, 2024 GO-2024-2877 +1 more
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.10.0-rc3
Jan 19, 2024 GO-2024-2877 +1 more
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.10.0-rc2
Jan 18, 2024 GO-2024-2877 +1 more
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.10.0-rc1
Dec 18, 2023 GO-2024-2877 +1 more
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.9.22
Aug 22, 2024 GO-2025-3427
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.9.21
Jul 24, 2024 GO-2025-3427
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.9.20
Jul 22, 2024 GO-2024-3006 +1 more
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.9.19
Jul 15, 2024 GO-2024-3002 +2 more
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.9.18
Jul 2, 2024 GO-2024-3002 +2 more
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.9.17
Jun 6, 2024 GO-2024-3002 +2 more
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.9.16
May 23, 2024 GO-2024-2898 +4 more
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.9.15
May 21, 2024 GO-2024-2898 +4 more
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.9.14
Apr 30, 2024 GO-2024-2877 +5 more
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.9.13
Apr 26, 2024 GO-2024-2877 +5 more
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.9.12
Apr 15, 2024 GO-2024-2792 +6 more
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.9.11
Apr 4, 2024 GO-2024-2728 +7 more
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.9.10
Mar 28, 2024 GO-2024-2728 +7 more
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.9.9
Mar 18, 2024 GO-2024-2667 +8 more
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.9.8
Mar 13, 2024 GO-2024-2652 +10 more
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.9.7
Mar 1, 2024 GO-2024-2643 +12 more
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.9.6
Feb 2, 2024 GO-2024-2643 +12 more
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.9.5
Jan 19, 2024 GO-2024-2643 +12 more
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.9.4
Jan 18, 2024 GO-2024-2643 +12 more
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.9.3
Dec 1, 2023 GO-2024-2643 +12 more
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.9.2
Nov 20, 2023 GO-2024-2643 +11 more
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.9.1
Nov 14, 2023 GO-2024-2643 +11 more
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.9.0
Nov 6, 2023 GO-2024-2643 +11 more
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.9.0-rc4
Oct 31, 2023 GO-2024-2877 +4 more
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.9.0-rc3
Oct 25, 2023 GO-2024-2877 +4 more
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.9.0-rc2
Oct 3, 2023 GO-2024-2877 +4 more
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.9.0-rc1
Sep 25, 2023 GO-2024-2877 +4 more
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.8.21
Aug 21, 2024 GO-2024-2898 +3 more
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.8.20
May 23, 2024 GO-2024-2898 +3 more
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.8.19
May 21, 2024 GO-2024-2898 +3 more
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.8.18
Apr 30, 2024 GO-2024-2877 +4 more
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.8.17
Apr 26, 2024 GO-2024-2877 +4 more
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.8.16
Apr 15, 2024 GO-2024-2792 +5 more
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.8.15
Apr 4, 2024 GO-2024-2728 +6 more
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.8.14
Mar 28, 2024 GO-2024-2728 +6 more
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.8.13
Mar 18, 2024 GO-2024-2667 +7 more
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.8.12
Mar 13, 2024 GO-2024-2652 +9 more
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.8.11
Mar 1, 2024 GO-2024-2643 +11 more
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.8.10
Feb 2, 2024 GO-2024-2643 +11 more
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.8.9
Jan 19, 2024 GO-2024-2643 +11 more
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.8.8
Jan 19, 2024 GO-2024-2643 +11 more
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.8.7
Nov 20, 2023 GO-2024-2643 +11 more
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.8.6
Oct 31, 2023 GO-2024-2643 +11 more
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.8.5
Oct 26, 2023 GO-2024-2643 +11 more
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.8.4
Sep 13, 2023 GO-2024-2643 +11 more
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.8.3
Sep 7, 2023 GO-2024-2643 +11 more
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.8.2
Aug 24, 2023 GO-2023-2049 +13 more
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.8.1
Aug 21, 2023 GO-2023-2049 +13 more
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.8.0
Aug 7, 2023 GO-2023-2018 +14 more
Alert  GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.8.0-rc7
Aug 3, 2023 GO-2024-2643 +11 more
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.8.0-rc6
Jul 27, 2023 GO-2024-2643 +11 more
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.8.0-rc5
Jul 19, 2023 GO-2024-2643 +11 more
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.8.0-rc4
Jul 18, 2023 GO-2024-2643 +11 more
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.8.0-rc3
Jul 12, 2023 GO-2024-2643 +11 more
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.8.0-rc2
Jul 5, 2023 GO-2024-2643 +11 more
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.8.0-rc1
Jun 27, 2023 GO-2024-2643 +11 more
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.7.18
Apr 4, 2024 GO-2024-2643 +11 more
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.7.17
Feb 2, 2024 GO-2024-2643 +11 more
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.7.16
Jan 19, 2024 GO-2024-2643 +11 more
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.7.15
Nov 2, 2023 GO-2024-2643 +11 more
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.7.14
Sep 7, 2023 GO-2024-2643 +11 more
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.7.13
Aug 24, 2023 GO-2023-2049 +13 more
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.7.12
Aug 21, 2023 GO-2023-2049 +13 more
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.7.11
Aug 7, 2023 GO-2023-2018 +14 more
Alert  GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.7.10
Jul 31, 2023 GO-2023-2018 +14 more
Alert  GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.7.9
Jul 24, 2023 GO-2023-2018 +14 more
Alert  GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.7.8
Jul 19, 2023 GO-2023-2018 +14 more
Alert  GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.7.7
Jul 5, 2023 GO-2023-2018 +14 more
Alert  GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.7.6
Jun 20, 2023 GO-2023-2018 +14 more
Alert  GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.7.5
Jun 16, 2023 GO-2023-2018 +14 more
Alert  GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.7.4
Jun 5, 2023 GO-2023-2018 +14 more
Alert  GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.7.3
May 24, 2023 GO-2023-2018 +14 more
Alert  GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.7.2
May 12, 2023 GO-2023-2018 +14 more
Alert  GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.7.1
May 2, 2023 GO-2023-2018 +14 more
Alert  GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.7.0
May 2, 2023 GO-2023-2018 +14 more
Alert  GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.7.0-rc2
Apr 11, 2023 GO-2024-2643 +11 more
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.7.0-rc1
Mar 27, 2023 GO-2024-2643 +11 more
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.6.15
Sep 7, 2023 GO-2024-2643 +11 more
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.6.14
Aug 7, 2023 GO-2023-2049 +13 more
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.6.13
Jul 19, 2023 GO-2023-2018 +14 more
Alert  GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.6.12
Jul 5, 2023 GO-2023-2018 +14 more
Alert  GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.6.11
Jun 20, 2023 GO-2023-2018 +14 more
Alert  GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.6.10
Jun 16, 2023 GO-2023-2018 +14 more
Alert  GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.6.9
Jun 5, 2023 GO-2023-2018 +14 more
Alert  GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.6.8
May 25, 2023 GO-2023-2018 +14 more
Alert  GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.6.7
Mar 23, 2023 GO-2023-2018 +14 more
Alert  GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.6.6
Mar 16, 2023 GO-2023-1670 +15 more
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.6.5
Mar 14, 2023 GO-2023-1670 +15 more
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.6.4
Mar 7, 2023 GO-2023-1670 +15 more
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.6.3
Feb 27, 2023 GO-2023-1670 +15 more
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.6.2
Feb 16, 2023 GO-2023-1670 +15 more
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.6.1
Feb 8, 2023 GO-2023-1577 +16 more
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.6.0
Feb 6, 2023 GO-2023-1548 +17 more
Alert  GO-2023-1548: Repository access credential leak in github.com/argoproj/argo-cd/v2
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
Changes in this version
type Client
v2.6.0-rc7
Feb 2, 2023 GO-2023-1548 +13 more
Alert  GO-2023-1548: Repository access credential leak in github.com/argoproj/argo-cd/v2
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.6.0-rc6
Jan 27, 2023 GO-2023-1548 +13 more
Alert  GO-2023-1548: Repository access credential leak in github.com/argoproj/argo-cd/v2
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.6.0-rc5
Jan 25, 2023 GO-2023-1548 +13 more
Alert  GO-2023-1548: Repository access credential leak in github.com/argoproj/argo-cd/v2
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.6.0-rc4
Jan 18, 2023 GO-2023-1512 +15 more
Alert  GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1548: Repository access credential leak in github.com/argoproj/argo-cd/v2
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.6.0-rc3
Jan 13, 2023 GO-2023-1520 +14 more
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1548: Repository access credential leak in github.com/argoproj/argo-cd/v2
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.6.0-rc2
Jan 5, 2023 GO-2023-1520 +14 more
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1548: Repository access credential leak in github.com/argoproj/argo-cd/v2
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.6.0-rc1
Dec 19, 2022 GO-2023-1520 +14 more
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1548: Repository access credential leak in github.com/argoproj/argo-cd/v2
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.5.22
Aug 7, 2023 GO-2023-2049 +12 more
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.5.21
Jul 19, 2023 GO-2023-2049 +12 more
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.5.20
Jul 5, 2023 GO-2023-2049 +12 more
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.5.19
Jun 16, 2023 GO-2023-2049 +12 more
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.5.18
Jun 5, 2023 GO-2023-2049 +12 more
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.5.17
May 25, 2023 GO-2023-2049 +12 more
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.5.16
Mar 23, 2023 GO-2023-2049 +12 more
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.5.15
Mar 16, 2023 GO-2023-1670 +13 more
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.5.14
Mar 14, 2023 GO-2023-1670 +13 more
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.5.13
Mar 7, 2023 GO-2023-1670 +13 more
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.5.12
Feb 27, 2023 GO-2023-1670 +13 more
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.5.11
Feb 16, 2023 GO-2023-1670 +13 more
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.5.10
Feb 2, 2023 GO-2023-1577 +14 more
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.5.9
Jan 27, 2023 GO-2023-1577 +14 more
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.5.8
Jan 25, 2023 GO-2023-1577 +14 more
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.5.7
Jan 18, 2023 GO-2023-1512 +16 more
Alert  GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.5.6
Jan 10, 2023 GO-2023-1512 +16 more
Alert  GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.5.5
Dec 16, 2022 GO-2023-1512 +16 more
Alert  GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.5.4
Dec 6, 2022 GO-2023-1512 +16 more
Alert  GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.5.3
Nov 28, 2022 GO-2023-1512 +16 more
Alert  GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.5.2
Nov 7, 2022 GO-2023-1512 +16 more
Alert  GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.5.1
Nov 1, 2022 GO-2023-1512 +16 more
Alert  GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.5.0
Oct 24, 2022 GO-2023-1512 +16 more
Alert  GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.5.0-rc3
Oct 17, 2022 GO-2023-1512 +13 more
Alert  GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.5.0-rc2
Oct 11, 2022 GO-2023-1512 +13 more
Alert  GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.5.0-rc1
Oct 5, 2022 GO-2023-1512 +13 more
Alert  GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.4.28
Mar 23, 2023 GO-2023-2049 +12 more
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.4.27
Mar 16, 2023 GO-2023-1670 +13 more
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.4.26
Mar 14, 2023 GO-2023-1670 +13 more
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.4.25
Mar 7, 2023 GO-2023-1670 +13 more
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.4.24
Feb 27, 2023 GO-2023-1670 +13 more
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.4.23
Feb 16, 2023 GO-2023-1670 +13 more
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.4.22
Feb 2, 2023 GO-2023-1577 +14 more
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.4.21
Jan 27, 2023 GO-2023-1577 +14 more
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.4.20
Jan 25, 2023 GO-2023-1577 +14 more
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.4.19
Jan 18, 2023 GO-2023-1520 +15 more
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.4.18
Dec 16, 2022 GO-2023-1520 +15 more
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.4.17
Nov 7, 2022 GO-2023-1520 +15 more
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.4.16
Nov 1, 2022 GO-2023-1520 +15 more
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.4.15
Oct 17, 2022 GO-2023-1520 +15 more
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.4.14
Oct 5, 2022 GO-2023-1520 +15 more
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.4.13
Oct 3, 2022 GO-2023-1520 +15 more
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.4.12
Sep 16, 2022 GO-2023-1520 +15 more
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.4.11
Aug 22, 2022 GO-2023-1520 +15 more
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.4.10
Aug 17, 2022 GO-2023-1520 +15 more
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.4.9
Aug 11, 2022 GO-2023-1520 +15 more
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.4.8
Jul 29, 2022 GO-2023-1520 +15 more
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.4.7
Jul 18, 2022 GO-2023-1520 +15 more
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.4.6
Jul 12, 2022 GO-2023-1520 +15 more
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.4.5
Jul 12, 2022 GO-2023-1520 +15 more
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.4.4
Jul 7, 2022 GO-2022-0517 +17 more
Alert  GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.4.3
Jun 27, 2022 GO-2022-0517 +17 more
Alert  GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.4.2
Jun 21, 2022 GO-2022-0517 +17 more
Alert  GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.4.1
Jun 21, 2022 GO-2022-0517 +17 more
Alert  GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.4.0
Jun 10, 2022 GO-2022-0495 +21 more
Alert  GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
Alert  GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
Alert  GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.4.0-rc5
Jun 6, 2022 GO-2023-1670 +10 more
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.4.0-rc4
Jun 1, 2022 GO-2023-1670 +10 more
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.4.0-rc3
May 31, 2022 GO-2023-1670 +10 more
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.4.0-rc2
May 18, 2022 GO-2023-1670 +10 more
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.4.0-rc1
May 6, 2022 GO-2023-1670 +10 more
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.3.17
Feb 16, 2023 GO-2023-1670 +10 more
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.3.16
Feb 2, 2023 GO-2023-1577 +11 more
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.3.15
Jan 27, 2023 GO-2023-1577 +11 more
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.3.14
Jan 25, 2023 GO-2023-1577 +11 more
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.3.13
Jan 18, 2023 GO-2023-1520 +12 more
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.3.12
Dec 16, 2022 GO-2023-1520 +12 more
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.3.11
Nov 1, 2022 GO-2023-1520 +12 more
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.3.10
Oct 17, 2022 GO-2023-1520 +12 more
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.3.9
Oct 5, 2022 GO-2023-1520 +12 more
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.3.8
Oct 3, 2022 GO-2023-1520 +12 more
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.3.7
Jul 29, 2022 GO-2023-1520 +12 more
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.3.6
Jul 12, 2022 GO-2023-1520 +12 more
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.3.5
Jun 21, 2022 GO-2022-0517 +14 more
Alert  GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.3.4
May 18, 2022 GO-2022-0495 +18 more
Alert  GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
Alert  GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
Alert  GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.3.3
Mar 29, 2022 GO-2022-0453 +21 more
Alert  GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
Alert  GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
Alert  GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.3.2
Mar 23, 2022 GO-2022-0453 +21 more
Alert  GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
Alert  GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
Alert  GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.3.1
Mar 10, 2022 GO-2022-0359 +23 more
Alert  GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
Alert  GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
Alert  GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
Alert  GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.3.0
Mar 6, 2022 GO-2022-0359 +23 more
Alert  GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
Alert  GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
Alert  GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
Alert  GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.3.0-rc5
Feb 4, 2022 GO-2022-0357 +14 more
Alert  GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.3.0-rc4
Feb 3, 2022 GO-2022-0357 +14 more
Alert  GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.3.0-rc2
Feb 2, 2022 GO-2022-0357 +14 more
Alert  GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.3.0-rc1
Jan 30, 2022 GO-2022-0357 +14 more
Alert  GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.2.16
Nov 1, 2022 GO-2023-1520 +12 more
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.2.15
Oct 18, 2022 GO-2023-1520 +12 more
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.2.14
Oct 5, 2022 GO-2023-1520 +12 more
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.2.13
Oct 3, 2022 GO-2023-1520 +12 more
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.2.12
Jul 29, 2022 GO-2023-1520 +12 more
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.2.11
Jul 12, 2022 GO-2023-1520 +12 more
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.2.10
Jun 21, 2022 GO-2022-0518 +13 more
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.2.9
May 18, 2022 GO-2022-0495 +17 more
Alert  GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
Alert  GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
Alert  GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.2.8
Mar 23, 2022 GO-2022-0453 +20 more
Alert  GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
Alert  GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
Alert  GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.2.8-1
Mar 28, 2022 GO-2022-0359 +22 more
Alert  GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
Alert  GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
Alert  GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.2.7
Mar 9, 2022 GO-2022-0359 +22 more
Alert  GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
Alert  GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
Alert  GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.2.6
Mar 6, 2022 GO-2022-0359 +22 more
Alert  GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
Alert  GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
Alert  GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.2.5
Feb 5, 2022 GO-2022-0357 +24 more
Alert  GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
Alert  GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
Alert  GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.2.4
Feb 3, 2022 GO-2022-0357 +24 more
Alert  GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
Alert  GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
Alert  GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.2.3
Jan 18, 2022 GO-2022-0304 +25 more
Alert  GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
Alert  GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
Alert  GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.2.2
Jan 1, 2022 GO-2022-0304 +25 more
Alert  GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
Alert  GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
Alert  GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.2.1
Dec 17, 2021 GO-2022-0304 +25 more
Alert  GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
Alert  GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
Alert  GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.2.0
Dec 14, 2021 GO-2022-0304 +25 more
Alert  GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
Alert  GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
Alert  GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.2.0-rc1
Nov 12, 2021 GO-2022-0518 +12 more
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.1.16
Jun 21, 2022 GO-2022-0518 +12 more
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.1.15
May 18, 2022 GO-2022-0495 +16 more
Alert  GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
Alert  GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
Alert  GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.1.14
Mar 23, 2022 GO-2022-0453 +19 more
Alert  GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
Alert  GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
Alert  GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.1.13
Mar 22, 2022 GO-2022-0359 +21 more
Alert  GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
Alert  GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
Alert  GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.1.12
Mar 9, 2022 GO-2022-0359 +21 more
Alert  GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
Alert  GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
Alert  GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.1.11
Mar 6, 2022 GO-2022-0359 +21 more
Alert  GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
Alert  GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
Alert  GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.1.10
Feb 5, 2022 GO-2022-0357 +23 more
Alert  GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
Alert  GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
Alert  GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.1.9
Feb 3, 2022 GO-2022-0357 +23 more
Alert  GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
Alert  GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
Alert  GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.1.8
Dec 13, 2021 GO-2022-0304 +24 more
Alert  GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
Alert  GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
Alert  GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.1.7
Nov 17, 2021 GO-2022-0304 +24 more
Alert  GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
Alert  GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
Alert  GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.1.6
Oct 28, 2021 GO-2022-0304 +24 more
Alert  GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
Alert  GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
Alert  GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.1.5
Oct 20, 2021 GO-2022-0304 +24 more
Alert  GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
Alert  GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
Alert  GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.1.4
Oct 20, 2021 GO-2022-0304 +24 more
Alert  GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
Alert  GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
Alert  GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.1.3
Sep 29, 2021 GO-2022-0304 +24 more
Alert  GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
Alert  GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
Alert  GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.1.2
Sep 2, 2021 GO-2022-0304 +24 more
Alert  GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
Alert  GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
Alert  GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.1.2-hf1
Nov 19, 2021 GO-2022-0304 +24 more
Alert  GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
Alert  GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
Alert  GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.1.1
Aug 25, 2021 GO-2022-0304 +24 more
Alert  GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
Alert  GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
Alert  GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.1.0
Aug 20, 2021 GO-2022-0304 +24 more
Alert  GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
Alert  GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
Alert  GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.1.0-rc3
Aug 11, 2021 GO-2022-0304 +24 more
Alert  GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
Alert  GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
Alert  GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.1.0-rc2
Aug 3, 2021 GO-2022-0304 +24 more
Alert  GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
Alert  GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
Alert  GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.1.0-rc1
Jul 28, 2021 GO-2022-0304 +24 more
Alert  GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
Alert  GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
Alert  GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.0.5
Jul 22, 2021 GO-2022-0304 +24 more
Alert  GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
Alert  GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
Alert  GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.0.4
Jun 23, 2021 GO-2022-0304 +24 more
Alert  GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
Alert  GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
Alert  GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.0.3
May 27, 2021 GO-2022-0304 +24 more
Alert  GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
Alert  GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
Alert  GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.0.2
May 20, 2021 GO-2022-0304 +24 more
Alert  GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
Alert  GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
Alert  GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.0.1
Apr 15, 2021 GO-2022-0304 +24 more
Alert  GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
Alert  GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
Alert  GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.0.0
Apr 7, 2021 GO-2022-0304 +24 more
Alert  GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
Alert  GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
Alert  GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
Changes in this version
v2.0.0-rc4
Apr 5, 2021 GO-2022-0304 +21 more
Alert  GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
Alert  GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
Alert  GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd
v2.0.0-rc3
Apr 2, 2021 GO-2022-0304 +21 more
Alert  GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
Alert  GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
Alert  GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2025-3427: ArgoCD Namespace Isolation Break in github.com/argoproj/argo-cd

Other modules containing this package

github.com/argoproj/argo-cd

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.