Affected by GO-2022-0357
and 10 other vulnerabilities
GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
package
Version:
v2.3.0-rc2
Opens a new window with list of versions in this module.
Published: Feb 2, 2022
License: Apache-2.0, Apache-2.0
Opens a new window with license information.
Imports: 1
Opens a new window with list of imports.
Imported by: 2
Opens a new window with list of known importers.
README
¶
Argo CD UI
Web UI for Argo CD.
Getting started
- Install NodeJS and Yarn. On macOS with Homebrew, running
brew install node yarn
will accomplish this.
- Run
yarn install
to install local prerequisites.
- Run
yarn start
to launch the webpack dev UI server.
- Run
yarn build
to bundle static resources into the ./dist
directory.
To build a Docker image, run IMAGE_NAMESPACE=yourimagerepo IMAGE_TAG=latest yarn docker
.
To do the same and push to a Docker registry, run IMAGE_NAMESPACE=yourimagerepo IMAGE_TAG=latest DOCKER_PUSH=true yarn docker
.
Pre-commit Checks
Make sure your code passes the lint checks:
yarn lint --fix
Documentation
¶
Embedded contains embedded UI resources
Source Files
¶
Click to show internal directories.
Click to hide internal directories.