Affected by GO-2023-1520
and 8 other vulnerabilities
GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
package
Version:
v2.3.12
Opens a new window with list of versions in this module.
Published: Dec 16, 2022
License: Apache-2.0
Opens a new window with license information.
Imports: 14
Opens a new window with list of imports.
Imported by: 3
Opens a new window with list of known importers.
Documentation
¶
Code generated by github.com/argoproj/argo-cd/hack/known_types. DO NOT EDIT.
NewIgnoreNormalizer creates diff normalizer which removes ignored fields according to given application spec and resource overrides
NewKnownTypesNormalizer create a normalizer that re-format custom resource fields using built-in Kubernetes types.
Source Files
¶
Click to show internal directories.
Click to hide internal directories.