GO-2022-0359
and 17 other vulnerabilities
GO-2022-0359 : Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0453 : Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454 : Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455 : Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495 : DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497 : Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0498 : Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
GO-2022-0499 : Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0516 : Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0518 : Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2023-1520 : JWT audience claim is not verified in github.com/argoproj/argo-cd
GO-2023-1670 : Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-2085 : Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2646 : Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
GO-2024-2792 : Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877 : ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898 : Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-3002 : Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Discover Packages
github.com/argoproj/argo-cd/v2
pkg
client
clientset
versioned
fake
package
Version:
v2.1.11
Opens a new window with list of versions in this module.
Published: Mar 6, 2022
License: Apache-2.0
Opens a new window with license information.
Imports: 13
Opens a new window with list of imports.
Imported by: 3
Opens a new window with list of known importers.
Documentation
¶
This package has the automatically generated fake clientset.
View Source var AddToScheme = localSchemeBuilder.AddToScheme
AddToScheme adds all types of this clientset into the given scheme. This allows composition
of clientsets, like in:
import (
"k8s.io/client-go/kubernetes"
clientsetscheme "k8s.io/client-go/kubernetes/scheme"
aggregatorclientsetscheme "k8s.io/kube-aggregator/pkg/client/clientset_generated/clientset/scheme"
)
kclientset, _ := kubernetes.NewForConfig(c)
_ = aggregatorclientsetscheme.AddToScheme(clientsetscheme.Scheme)
After this, RawExtensions in Kubernetes types will serialize kube-aggregator types
correctly.
Clientset implements clientset.Interface. Meant to be embedded into a
struct to get a default implementation. This makes faking out just the method
you want to test easier.
NewSimpleClientset returns a clientset that will respond with the provided objects.
It's backed by a very simple object tracker that processes creates, updates and deletions as-is,
without applying any validations and/or defaults. It shouldn't be considered a replacement
for a real clientset and is mostly useful in simple unit tests.
ArgoprojV1alpha1 retrieves the ArgoprojV1alpha1Client
¶
Click to show internal directories.
Click to hide internal directories.
Affected by 
Documentation
¶
Source Files