Affected by GO-2022-0517
and 13 other vulnerabilities
GO-2022-0517 : Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518 : Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2023-1520 : JWT audience claim is not verified in github.com/argoproj/argo-cd
GO-2023-1577 : Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670 : Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-2049 : Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050 : Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2024-2646 : Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
GO-2024-2667 : Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
GO-2024-2728 : Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792 : Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877 : ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898 : Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-3002 : Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
Discover Packages
github.com/argoproj/argo-cd/v2
util
app
discovery
package
Version:
v2.4.2
Opens a new window with list of versions in this module.
Published: Jun 21, 2022
License: Apache-2.0
Opens a new window with license information.
Imports: 13
Opens a new window with list of imports.
Imported by: 1
Opens a new window with list of known importers.
Documentation
Documentation
¶
func AppType(ctx context.Context, path string, enableGenerateManifests map[string]bool) (string, error)
func DetectConfigManagementPlugin(ctx context.Context, repoPath string, env []string) (io.Closer, pluginclient.ConfigManagementPluginServiceClient, error)
func Discover(ctx context.Context, repoPath string, enableGenerateManifests map[string]bool) (map[string]string, error)
func IsManifestGenerationEnabled(sourceType v1alpha1.ApplicationSourceType, ...) bool
1. list all plugins in /plugins folder
2. foreach plugin setup connection with respective cmp-server
3. check isSupported(path)?
4.a if no then close connection
4.b if yes then return conn for detected plugin
Source Files
¶
Click to show internal directories.
Click to hide internal directories.