Affected by GO-2022-0357 and 10 other vulnerabilities

GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd

GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd

GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd

GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd

GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd

GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd

GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2

GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd

GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd

GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd

GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd

discovery

package

v2.3.0-rc4 Latest Latest Go to latest Published: Feb 3, 2022 License: Apache-2.0 Imports: 11 Imported by: 1

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/argoproj/argo-cd

Documentation ¶

Index ¶

func AppType(ctx context.Context, path string) (string, error)
func DetectConfigManagementPlugin(ctx context.Context, appPath string) (io.Closer, pluginclient.ConfigManagementPluginServiceClient, error)
func Discover(ctx context.Context, root string) (map[string]string, error)

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func AppType ¶

func AppType(ctx context.Context, path string) (string, error)

func DetectConfigManagementPlugin ¶ added in v2.2.0

func DetectConfigManagementPlugin(ctx context.Context, appPath string) (io.Closer, pluginclient.ConfigManagementPluginServiceClient, error)

1. list all plugins in /plugins folder 2. foreach plugin setup connection with respective cmp-server 3. check isSupported(path)? 4.a if no then close connection 4.b if yes then return conn for detected plugin

func Discover ¶

func Discover(ctx context.Context, root string) (map[string]string, error)

Types ¶

This section is empty.

Source Files ¶

View all Source files

discovery.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL