swagger

package
Go to main page

Versions in this module

v2
v2.13.0
Sep 16, 2024
v2.13.0-rc5
Oct 18, 2024
v2.13.0-rc4
Oct 17, 2024
v2.13.0-rc3
Oct 7, 2024
v2.13.0-rc2
Sep 20, 2024
v2.13.0-rc1
Sep 16, 2024
v2.12.6
Oct 18, 2024
v2.12.5
Oct 17, 2024
v2.12.4
Sep 26, 2024
v2.12.3
Aug 27, 2024
v2.12.2
Aug 23, 2024
v2.12.1
Aug 16, 2024
v2.12.0
Aug 5, 2024
v2.12.0-rc5
Aug 1, 2024
v2.12.0-rc4
Jul 15, 2024
v2.12.0-rc3
Jul 2, 2024
v2.12.0-rc2
Jun 24, 2024
v2.12.0-rc1
Jun 18, 2024
v2.11.11
Oct 18, 2024
v2.11.10
Oct 17, 2024
v2.11.9
Sep 26, 2024
v2.11.8
Sep 11, 2024
v2.11.7
Jul 24, 2024
v2.11.6
Jul 22, 2024 GO-2024-3006
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.11.5
Jul 15, 2024 GO-2024-3002 +1 more
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.11.4
Jul 2, 2024 GO-2024-3002 +1 more
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.11.3
Jun 6, 2024 GO-2024-3002 +1 more
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.11.2
May 23, 2024 GO-2024-2898 +3 more
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.11.1
May 21, 2024 GO-2024-2898 +3 more
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.11.0
May 7, 2024 GO-2024-2877 +4 more
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.11.0-rc3
Apr 29, 2024 GO-2024-2877
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
v2.11.0-rc2
Apr 15, 2024 GO-2024-2877
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
v2.11.0-rc1
Apr 5, 2024 GO-2024-2877
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
v2.10.18
Oct 17, 2024
v2.10.17
Sep 26, 2024
v2.10.16
Jul 24, 2024
v2.10.15
Jul 22, 2024 GO-2024-3006
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.10.14
Jul 15, 2024 GO-2024-3002 +1 more
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.10.13
Jul 2, 2024 GO-2024-3002 +1 more
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.10.12
Jun 6, 2024 GO-2024-3002 +1 more
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.10.11
May 23, 2024 GO-2024-2898 +3 more
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.10.10
May 21, 2024 GO-2024-2898 +3 more
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.10.9
Apr 30, 2024 GO-2024-2877 +4 more
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.10.8
Apr 26, 2024 GO-2024-2877 +4 more
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.10.7
Apr 15, 2024 GO-2024-2792 +5 more
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.10.6
Apr 5, 2024 GO-2024-2728 +6 more
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.10.5
Mar 28, 2024 GO-2024-2728 +6 more
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.10.4
Mar 18, 2024 GO-2024-2667 +7 more
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.10.3
Mar 13, 2024 GO-2024-2652 +9 more
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.10.2
Mar 1, 2024 GO-2024-2643 +11 more
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.10.1
Feb 13, 2024 GO-2024-2643 +11 more
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.10.0
Feb 5, 2024 GO-2024-2643 +11 more
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.10.0-rc5
Feb 2, 2024 GO-2024-2877
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
v2.10.0-rc4
Jan 25, 2024 GO-2024-2877
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
v2.10.0-rc3
Jan 19, 2024 GO-2024-2877
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
v2.10.0-rc2
Jan 18, 2024 GO-2024-2877
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
v2.10.0-rc1
Dec 18, 2023 GO-2024-2877
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
v2.9.22
Aug 22, 2024
v2.9.21
Jul 24, 2024
v2.9.20
Jul 22, 2024 GO-2024-3006
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.9.19
Jul 15, 2024 GO-2024-3002 +1 more
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.9.18
Jul 2, 2024 GO-2024-3002 +1 more
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.9.17
Jun 6, 2024 GO-2024-3002 +1 more
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.9.16
May 23, 2024 GO-2024-2898 +3 more
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.9.15
May 21, 2024 GO-2024-2898 +3 more
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.9.14
Apr 30, 2024 GO-2024-2877 +4 more
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.9.13
Apr 26, 2024 GO-2024-2877 +4 more
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.9.12
Apr 15, 2024 GO-2024-2792 +5 more
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.9.11
Apr 4, 2024 GO-2024-2728 +6 more
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.9.10
Mar 28, 2024 GO-2024-2728 +6 more
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.9.9
Mar 18, 2024 GO-2024-2667 +7 more
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.9.8
Mar 13, 2024 GO-2024-2652 +9 more
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.9.7
Mar 1, 2024 GO-2024-2643 +11 more
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.9.6
Feb 2, 2024 GO-2024-2643 +11 more
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.9.5
Jan 19, 2024 GO-2024-2643 +11 more
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.9.4
Jan 18, 2024 GO-2024-2643 +11 more
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.9.3
Dec 1, 2023 GO-2024-2643 +11 more
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.9.2
Nov 20, 2023 GO-2024-2643 +10 more
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.9.1
Nov 14, 2023 GO-2024-2643 +10 more
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.9.0
Nov 6, 2023 GO-2024-2643 +10 more
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.9.0-rc4
Oct 31, 2023 GO-2024-2877 +3 more
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.9.0-rc3
Oct 25, 2023 GO-2024-2877 +3 more
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.9.0-rc2
Oct 3, 2023 GO-2024-2877 +3 more
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.9.0-rc1
Sep 25, 2023 GO-2024-2877 +3 more
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.8.21
Aug 21, 2024 GO-2024-2898 +2 more
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.8.20
May 23, 2024 GO-2024-2898 +2 more
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.8.19
May 21, 2024 GO-2024-2898 +2 more
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.8.18
Apr 30, 2024 GO-2024-2877 +3 more
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.8.17
Apr 26, 2024 GO-2024-2877 +3 more
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.8.16
Apr 15, 2024 GO-2024-2792 +4 more
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.8.15
Apr 4, 2024 GO-2024-2728 +5 more
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.8.14
Mar 28, 2024 GO-2024-2728 +5 more
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.8.13
Mar 18, 2024 GO-2024-2667 +6 more
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.8.12
Mar 13, 2024 GO-2024-2652 +8 more
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.8.11
Mar 1, 2024 GO-2024-2643 +10 more
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.8.10
Feb 2, 2024 GO-2024-2643 +10 more
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.8.9
Jan 19, 2024 GO-2024-2643 +10 more
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.8.8
Jan 19, 2024 GO-2024-2643 +10 more
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.8.7
Nov 20, 2023 GO-2024-2643 +10 more
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.8.6
Oct 31, 2023 GO-2024-2643 +10 more
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.8.5
Oct 26, 2023 GO-2024-2643 +10 more
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.8.4
Sep 13, 2023 GO-2024-2643 +10 more
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.8.3
Sep 7, 2023 GO-2024-2643 +10 more
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.8.2
Aug 24, 2023 GO-2023-2049 +12 more
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.8.1
Aug 21, 2023 GO-2023-2049 +12 more
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.8.0
Aug 7, 2023 GO-2023-2018 +13 more
Alert  GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.8.0-rc7
Aug 3, 2023 GO-2024-2643 +10 more
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.8.0-rc6
Jul 27, 2023 GO-2024-2643 +10 more
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.8.0-rc5
Jul 19, 2023 GO-2024-2643 +10 more
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.8.0-rc4
Jul 18, 2023 GO-2024-2643 +10 more
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.8.0-rc3
Jul 12, 2023 GO-2024-2643 +10 more
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.8.0-rc2
Jul 5, 2023 GO-2024-2643 +10 more
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.8.0-rc1
Jun 27, 2023 GO-2024-2643 +10 more
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.7.18
Apr 4, 2024 GO-2024-2643 +10 more
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.7.17
Feb 2, 2024 GO-2024-2643 +10 more
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.7.16
Jan 19, 2024 GO-2024-2643 +10 more
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.7.15
Nov 2, 2023 GO-2024-2643 +10 more
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.7.14
Sep 7, 2023 GO-2024-2643 +10 more
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.7.13
Aug 24, 2023 GO-2023-2049 +12 more
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.7.12
Aug 21, 2023 GO-2023-2049 +12 more
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.7.11
Aug 7, 2023 GO-2023-2018 +13 more
Alert  GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.7.10
Jul 31, 2023 GO-2023-2018 +13 more
Alert  GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.7.9
Jul 24, 2023 GO-2023-2018 +13 more
Alert  GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.7.8
Jul 19, 2023 GO-2023-2018 +13 more
Alert  GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.7.7
Jul 5, 2023 GO-2023-2018 +13 more
Alert  GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.7.6
Jun 20, 2023 GO-2023-2018 +13 more
Alert  GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.7.5
Jun 16, 2023 GO-2023-2018 +13 more
Alert  GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.7.4
Jun 5, 2023 GO-2023-2018 +13 more
Alert  GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.7.3
May 24, 2023 GO-2023-2018 +13 more
Alert  GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.7.2
May 12, 2023 GO-2023-2018 +13 more
Alert  GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.7.1
May 2, 2023 GO-2023-2018 +13 more
Alert  GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.7.0
May 2, 2023 GO-2023-2018 +13 more
Alert  GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.7.0-rc2
Apr 11, 2023 GO-2024-2643 +10 more
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.7.0-rc1
Mar 27, 2023 GO-2024-2643 +10 more
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.6.15
Sep 7, 2023 GO-2024-2643 +10 more
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.6.14
Aug 7, 2023 GO-2023-2049 +12 more
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.6.13
Jul 19, 2023 GO-2023-2018 +13 more
Alert  GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.6.12
Jul 5, 2023 GO-2023-2018 +13 more
Alert  GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.6.11
Jun 20, 2023 GO-2023-2018 +13 more
Alert  GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.6.10
Jun 16, 2023 GO-2023-2018 +13 more
Alert  GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.6.9
Jun 5, 2023 GO-2023-2018 +13 more
Alert  GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.6.8
May 25, 2023 GO-2023-2018 +13 more
Alert  GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.6.7
Mar 23, 2023 GO-2023-2018 +13 more
Alert  GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.6.6
Mar 16, 2023 GO-2023-1670 +14 more
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.6.5
Mar 14, 2023 GO-2023-1670 +14 more
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.6.4
Mar 7, 2023 GO-2023-1670 +14 more
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.6.3
Feb 27, 2023 GO-2023-1670 +14 more
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.6.2
Feb 16, 2023 GO-2023-1670 +14 more
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.6.1
Feb 8, 2023 GO-2023-1577 +15 more
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.6.0
Feb 6, 2023 GO-2023-1548 +16 more
Alert  GO-2023-1548: Repository access credential leak in github.com/argoproj/argo-cd/v2
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Alert  GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v2.6.0-rc7
Feb 2, 2023 GO-2023-1548 +12 more
Alert  GO-2023-1548: Repository access credential leak in github.com/argoproj/argo-cd/v2
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.6.0-rc6
Jan 27, 2023 GO-2023-1548 +12 more
Alert  GO-2023-1548: Repository access credential leak in github.com/argoproj/argo-cd/v2
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.6.0-rc5
Jan 25, 2023 GO-2023-1548 +12 more
Alert  GO-2023-1548: Repository access credential leak in github.com/argoproj/argo-cd/v2
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.6.0-rc4
Jan 18, 2023 GO-2023-1512 +14 more
Alert  GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1548: Repository access credential leak in github.com/argoproj/argo-cd/v2
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.6.0-rc3
Jan 13, 2023 GO-2023-1520 +13 more
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1548: Repository access credential leak in github.com/argoproj/argo-cd/v2
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.6.0-rc2
Jan 5, 2023 GO-2023-1520 +13 more
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1548: Repository access credential leak in github.com/argoproj/argo-cd/v2
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.6.0-rc1
Dec 19, 2022 GO-2023-1520 +13 more
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1548: Repository access credential leak in github.com/argoproj/argo-cd/v2
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.5.22
Aug 7, 2023 GO-2023-2049 +11 more
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.5.21
Jul 19, 2023 GO-2023-2049 +11 more
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.5.20
Jul 5, 2023 GO-2023-2049 +11 more
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.5.19
Jun 16, 2023 GO-2023-2049 +11 more
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.5.18
Jun 5, 2023 GO-2023-2049 +11 more
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.5.17
May 25, 2023 GO-2023-2049 +11 more
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.5.16
Mar 23, 2023 GO-2023-2049 +11 more
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.5.15
Mar 16, 2023 GO-2023-1670 +12 more
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.5.14
Mar 14, 2023 GO-2023-1670 +12 more
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.5.13
Mar 7, 2023 GO-2023-1670 +12 more
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.5.12
Feb 27, 2023 GO-2023-1670 +12 more
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.5.11
Feb 16, 2023 GO-2023-1670 +12 more
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.5.10
Feb 2, 2023 GO-2023-1577 +13 more
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.5.9
Jan 27, 2023 GO-2023-1577 +13 more
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.5.8
Jan 25, 2023 GO-2023-1577 +13 more
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.5.7
Jan 18, 2023 GO-2023-1512 +15 more
Alert  GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.5.6
Jan 10, 2023 GO-2023-1512 +15 more
Alert  GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.5.5
Dec 16, 2022 GO-2023-1512 +15 more
Alert  GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.5.4
Dec 6, 2022 GO-2023-1512 +15 more
Alert  GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.5.3
Nov 28, 2022 GO-2023-1512 +15 more
Alert  GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.5.2
Nov 7, 2022 GO-2023-1512 +15 more
Alert  GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.5.1
Nov 1, 2022 GO-2023-1512 +15 more
Alert  GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.5.0
Oct 24, 2022 GO-2023-1512 +15 more
Alert  GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.5.0-rc3
Oct 17, 2022 GO-2023-1512 +12 more
Alert  GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.5.0-rc2
Oct 11, 2022 GO-2023-1512 +12 more
Alert  GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.5.0-rc1
Oct 5, 2022 GO-2023-1512 +12 more
Alert  GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.4.28
Mar 23, 2023 GO-2023-2049 +11 more
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.4.27
Mar 16, 2023 GO-2023-1670 +12 more
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.4.26
Mar 14, 2023 GO-2023-1670 +12 more
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.4.25
Mar 7, 2023 GO-2023-1670 +12 more
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.4.24
Feb 27, 2023 GO-2023-1670 +12 more
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.4.23
Feb 16, 2023 GO-2023-1670 +12 more
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.4.22
Feb 2, 2023 GO-2023-1577 +13 more
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.4.21
Jan 27, 2023 GO-2023-1577 +13 more
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.4.20
Jan 25, 2023 GO-2023-1577 +13 more
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.4.19
Jan 18, 2023 GO-2023-1520 +14 more
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.4.18
Dec 16, 2022 GO-2023-1520 +14 more
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.4.17
Nov 7, 2022 GO-2023-1520 +14 more
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.4.16
Nov 1, 2022 GO-2023-1520 +14 more
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.4.15
Oct 17, 2022 GO-2023-1520 +14 more
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.4.14
Oct 5, 2022 GO-2023-1520 +14 more
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.4.13
Oct 3, 2022 GO-2023-1520 +14 more
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.4.12
Sep 16, 2022 GO-2023-1520 +14 more
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.4.11
Aug 22, 2022 GO-2023-1520 +14 more
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.4.10
Aug 17, 2022 GO-2023-1520 +14 more
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.4.9
Aug 11, 2022 GO-2023-1520 +14 more
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.4.8
Jul 29, 2022 GO-2023-1520 +14 more
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.4.7
Jul 18, 2022 GO-2023-1520 +14 more
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.4.6
Jul 12, 2022 GO-2023-1520 +14 more
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.4.5
Jul 12, 2022 GO-2023-1520 +14 more
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.4.4
Jul 7, 2022 GO-2022-0517 +16 more
Alert  GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.4.3
Jun 27, 2022 GO-2022-0517 +16 more
Alert  GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.4.2
Jun 21, 2022 GO-2022-0517 +16 more
Alert  GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.4.1
Jun 21, 2022 GO-2022-0517 +16 more
Alert  GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.4.0
Jun 10, 2022 GO-2022-0495 +20 more
Alert  GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
Alert  GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
Alert  GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.4.0-rc5
Jun 6, 2022 GO-2023-1670 +9 more
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.4.0-rc4
Jun 1, 2022 GO-2023-1670 +9 more
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.4.0-rc3
May 31, 2022 GO-2023-1670 +9 more
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.4.0-rc2
May 18, 2022 GO-2023-1670 +9 more
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.4.0-rc1
May 6, 2022 GO-2023-1670 +9 more
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.3.17
Feb 16, 2023 GO-2023-1670 +9 more
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.3.16
Feb 2, 2023 GO-2023-1577 +10 more
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.3.15
Jan 27, 2023 GO-2023-1577 +10 more
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.3.14
Jan 25, 2023 GO-2023-1577 +10 more
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.3.13
Jan 18, 2023 GO-2023-1520 +11 more
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.3.12
Dec 16, 2022 GO-2023-1520 +11 more
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.3.11
Nov 1, 2022 GO-2023-1520 +11 more
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.3.10
Oct 17, 2022 GO-2023-1520 +11 more
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.3.9
Oct 5, 2022 GO-2023-1520 +11 more
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.3.8
Oct 3, 2022 GO-2023-1520 +11 more
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.3.7
Jul 29, 2022 GO-2023-1520 +11 more
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.3.6
Jul 12, 2022 GO-2023-1520 +11 more
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.3.5
Jun 21, 2022 GO-2022-0517 +13 more
Alert  GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.3.4
May 18, 2022 GO-2022-0495 +17 more
Alert  GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
Alert  GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
Alert  GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.3.3
Mar 29, 2022 GO-2022-0453 +20 more
Alert  GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
Alert  GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
Alert  GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.3.2
Mar 23, 2022 GO-2022-0453 +20 more
Alert  GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
Alert  GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
Alert  GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.3.1
Mar 10, 2022 GO-2022-0359 +22 more
Alert  GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
Alert  GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
Alert  GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
Alert  GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.3.0
Mar 6, 2022 GO-2022-0359 +22 more
Alert  GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
Alert  GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
Alert  GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
Alert  GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.3.0-rc5
Feb 4, 2022 GO-2022-0357 +13 more
Alert  GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.3.0-rc4
Feb 3, 2022 GO-2022-0357 +13 more
Alert  GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.3.0-rc2
Feb 2, 2022 GO-2022-0357 +13 more
Alert  GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.3.0-rc1
Jan 30, 2022 GO-2022-0357 +13 more
Alert  GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.2.16
Nov 1, 2022 GO-2023-1520 +11 more
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.2.15
Oct 18, 2022 GO-2023-1520 +11 more
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.2.14
Oct 5, 2022 GO-2023-1520 +11 more
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.2.13
Oct 3, 2022 GO-2023-1520 +11 more
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.2.12
Jul 29, 2022 GO-2023-1520 +11 more
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.2.11
Jul 12, 2022 GO-2023-1520 +11 more
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.2.10
Jun 21, 2022 GO-2022-0518 +12 more
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.2.9
May 18, 2022 GO-2022-0495 +16 more
Alert  GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
Alert  GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
Alert  GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.2.8
Mar 23, 2022 GO-2022-0453 +19 more
Alert  GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
Alert  GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
Alert  GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.2.8-1
Mar 28, 2022 GO-2022-0359 +21 more
Alert  GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
Alert  GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
Alert  GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.2.7
Mar 9, 2022 GO-2022-0359 +21 more
Alert  GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
Alert  GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
Alert  GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.2.6
Mar 6, 2022 GO-2022-0359 +21 more
Alert  GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
Alert  GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
Alert  GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.2.5
Feb 5, 2022 GO-2022-0357 +23 more
Alert  GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
Alert  GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
Alert  GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.2.4
Feb 3, 2022 GO-2022-0357 +23 more
Alert  GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
Alert  GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
Alert  GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.2.3
Jan 18, 2022 GO-2022-0304 +24 more
Alert  GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
Alert  GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
Alert  GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.2.2
Jan 1, 2022 GO-2022-0304 +24 more
Alert  GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
Alert  GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
Alert  GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.2.1
Dec 17, 2021 GO-2022-0304 +24 more
Alert  GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
Alert  GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
Alert  GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.2.0
Dec 14, 2021 GO-2022-0304 +24 more
Alert  GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
Alert  GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
Alert  GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.2.0-rc1
Nov 12, 2021 GO-2022-0518 +11 more
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.1.16
Jun 21, 2022 GO-2022-0518 +11 more
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.1.15
May 18, 2022 GO-2022-0495 +15 more
Alert  GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
Alert  GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
Alert  GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.1.14
Mar 23, 2022 GO-2022-0453 +18 more
Alert  GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
Alert  GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
Alert  GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.1.13
Mar 22, 2022 GO-2022-0359 +20 more
Alert  GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
Alert  GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
Alert  GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.1.12
Mar 9, 2022 GO-2022-0359 +20 more
Alert  GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
Alert  GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
Alert  GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.1.11
Mar 6, 2022 GO-2022-0359 +20 more
Alert  GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
Alert  GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
Alert  GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.1.10
Feb 5, 2022 GO-2022-0357 +22 more
Alert  GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
Alert  GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
Alert  GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.1.9
Feb 3, 2022 GO-2022-0357 +22 more
Alert  GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
Alert  GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
Alert  GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.1.8
Dec 13, 2021 GO-2022-0304 +23 more
Alert  GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
Alert  GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
Alert  GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.1.7
Nov 17, 2021 GO-2022-0304 +23 more
Alert  GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
Alert  GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
Alert  GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.1.6
Oct 28, 2021 GO-2022-0304 +23 more
Alert  GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
Alert  GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
Alert  GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.1.5
Oct 20, 2021 GO-2022-0304 +23 more
Alert  GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
Alert  GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
Alert  GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.1.4
Oct 20, 2021 GO-2022-0304 +23 more
Alert  GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
Alert  GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
Alert  GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.1.3
Sep 29, 2021 GO-2022-0304 +23 more
Alert  GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
Alert  GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
Alert  GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.1.2
Sep 2, 2021 GO-2022-0304 +23 more
Alert  GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
Alert  GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
Alert  GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.1.2-hf1
Nov 19, 2021 GO-2022-0304 +23 more
Alert  GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
Alert  GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
Alert  GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.1.1
Aug 25, 2021 GO-2022-0304 +23 more
Alert  GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
Alert  GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
Alert  GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.1.0
Aug 20, 2021 GO-2022-0304 +23 more
Alert  GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
Alert  GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
Alert  GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.1.0-rc3
Aug 11, 2021 GO-2022-0304 +23 more
Alert  GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
Alert  GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
Alert  GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.1.0-rc2
Aug 3, 2021 GO-2022-0304 +23 more
Alert  GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
Alert  GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
Alert  GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.1.0-rc1
Jul 28, 2021 GO-2022-0304 +23 more
Alert  GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
Alert  GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
Alert  GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.0.5
Jul 22, 2021 GO-2022-0304 +23 more
Alert  GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
Alert  GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
Alert  GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.0.4
Jun 23, 2021 GO-2022-0304 +23 more
Alert  GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
Alert  GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
Alert  GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.0.3
May 27, 2021 GO-2022-0304 +23 more
Alert  GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
Alert  GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
Alert  GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.0.2
May 20, 2021 GO-2022-0304 +23 more
Alert  GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
Alert  GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
Alert  GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.0.1
Apr 15, 2021 GO-2022-0304 +23 more
Alert  GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
Alert  GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
Alert  GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.0.0
Apr 7, 2021 GO-2022-0304 +23 more
Alert  GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
Alert  GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
Alert  GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Changes in this version
v2.0.0-rc4
Apr 5, 2021 GO-2022-0304 +20 more
Alert  GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
Alert  GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
Alert  GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
v2.0.0-rc3
Apr 2, 2021 GO-2022-0304 +20 more
Alert  GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
Alert  GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
Alert  GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
Alert  GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
Alert  GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
Alert  GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
Alert  GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
Alert  GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
Alert  GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Alert  GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2
Alert  GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
Alert  GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
Alert  GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
Alert  GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd

Other modules containing this package

github.com/argoproj/argo-cd

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.