Affected by GO-2022-0495 and 14 other vulnerabilities

GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd

GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd

GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd

GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd

GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd

GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd

GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd

GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd

GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd

GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd

GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2

GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd

GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd

GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd

GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd

config

package

v2.3.4 Latest Latest Go to latest Published: May 18, 2022 License: Apache-2.0 Imports: 10 Imported by: 6

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/argoproj/argo-cd

Links

Open Source Insights

Documentation ¶

Index ¶

func GetBoolFlag(key string) bool
func GetFlag(key, fallback string) string
func MarshalLocalYAMLFile(path string, obj interface{}) error
func ReadRemoteFile(url string) ([]byte, error)
func Unmarshal(data []byte, obj interface{}) error
func UnmarshalLocalFile(path string, obj interface{}) error
func UnmarshalReader(reader io.Reader, obj interface{}) error
func UnmarshalRemoteFile(url string, obj interface{}) error

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func GetBoolFlag ¶

func GetBoolFlag(key string) bool

func GetFlag ¶

func GetFlag(key, fallback string) string

func MarshalLocalYAMLFile ¶

func MarshalLocalYAMLFile(path string, obj interface{}) error

MarshalLocalYAMLFile writes JSON or YAML to a file on disk. The caller is responsible for checking error return values.

func ReadRemoteFile ¶

func ReadRemoteFile(url string) ([]byte, error)

ReadRemoteFile issues a GET request to retrieve the contents of the specified URL as a byte array. The caller is responsible for checking error return values.

func Unmarshal ¶ added in v2.2.0

func Unmarshal(data []byte, obj interface{}) error

func UnmarshalLocalFile ¶

func UnmarshalLocalFile(path string, obj interface{}) error

UnmarshalLocalFile retrieves JSON or YAML from a file on disk. The caller is responsible for checking error return values.

func UnmarshalReader ¶

func UnmarshalReader(reader io.Reader, obj interface{}) error

UnmarshalReader is used to read manifests from stdin

func UnmarshalRemoteFile ¶

func UnmarshalRemoteFile(url string, obj interface{}) error

UnmarshalRemoteFile retrieves JSON or YAML through a GET request. The caller is responsible for checking error return values.

Types ¶

This section is empty.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL