Why Go
- Case Studies
  
  Common problems companies solve with Go
- Use Cases
  
  Stories about how and why companies use Go
- Security Policy
  
  How Go can help keep you secure by default
Learn
Docs
- Effective Go
  
  Tips for writing clear, performant, and idiomatic Go code
- Go User Manual
  
  A complete introduction to building software with Go
- Standard library
  
  Reference documentation for Go's standard library
- Release Notes
  
  Learn what's new in each Go release
Packages
Community
- Recorded Talks
  
  Videos from prior events
- Meetups
  
  Meet other local Go developers
- Conferences
  
  Learn and network with Go developers from around the world
- Go blog
  
  The Go project's official blog.
- Go project
  
  Get help and stay informed from Go
- Get connected

v1alpha1

package

Go to main page

Versions in this module

v2

v2.4.28

Mar 23, 2023 GO-2023-2049 +11 more

GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd

GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd

GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2

GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2

GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2

GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2

GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2

GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd

GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd

GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd

GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd

GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd

v2.4.27

Mar 16, 2023 GO-2023-1670 +12 more

GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd

GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd

GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd

GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2

GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2

GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2

GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2

GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2

GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd

GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd

GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd

GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd

GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd

v2.4.26

Mar 14, 2023 GO-2023-1670 +12 more

GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd

GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd

GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd

GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2

GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2

GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2

GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2

GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2

GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd

GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd

GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd

GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd

GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd

v2.4.25

Mar 7, 2023 GO-2023-1670 +12 more

GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd

GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd

GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd

GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2

GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2

GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2

GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2

GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2

GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd

GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd

GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd

GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd

GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd

v2.4.24

Feb 27, 2023 GO-2023-1670 +12 more

GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd

GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd

GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd

GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2

GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2

GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2

GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2

GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2

GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd

GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd

GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd

GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd

GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd

v2.4.23

Feb 16, 2023 GO-2023-1670 +12 more

GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd

GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd

GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd

GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2

GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2

GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2

GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2

GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2

GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd

GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd

GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd

GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd

GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd

v2.4.22

Feb 2, 2023 GO-2023-1577 +13 more

GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd

GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd

GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd

GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd

GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2

GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2

GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2

GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2

GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2

GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd

GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd

GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd

GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd

GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd

v2.4.21

Jan 27, 2023 GO-2023-1577 +13 more

GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd

GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd

GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd

GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd

GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2

GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2

GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2

GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2

GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2

GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd

GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd

GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd

GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd

GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd

v2.4.20

Jan 25, 2023 GO-2023-1577 +13 more

GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd

GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd

GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd

GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd

GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2

GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2

GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2

GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2

GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2

GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd

GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd

GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd

GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd

GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd

v2.4.19

Jan 18, 2023 GO-2023-1520 +14 more

GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd

GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd

GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd

GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd

GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd

GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2

GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2

GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2

GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2

GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2

GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd

GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd

GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd

GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd

GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd

v2.4.18

Dec 16, 2022 GO-2023-1520 +14 more

GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd

GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd

GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd

GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd

GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd

GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2

GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2

GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2

GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2

GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2

GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd

GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd

GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd

GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd

GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd

v2.4.17

Nov 7, 2022 GO-2023-1520 +14 more

GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd

GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd

GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd

GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd

GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd

GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2

GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2

GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2

GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2

GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2

GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd

GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd

GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd

GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd

GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd

v2.4.16

Nov 1, 2022 GO-2023-1520 +14 more

GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd

GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd

GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd

GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd

GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd

GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2

GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2

GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2

GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2

GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2

GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd

GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd

GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd

GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd

GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd

v2.4.15

Oct 17, 2022 GO-2023-1520 +14 more

GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd

GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd

GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd

GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd

GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd

GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2

GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2

GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2

GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2

GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2

GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd

GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd

GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd

GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd

GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd

v2.4.14

Oct 5, 2022 GO-2023-1520 +14 more

GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd

GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd

GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd

GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd

GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd

GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2

GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2

GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2

GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2

GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2

GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd

GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd

GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd

GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd

GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd

v2.4.13

Oct 3, 2022 GO-2023-1520 +14 more

GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd

GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd

GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd

GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd

GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd

GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2

GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2

GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2

GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2

GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2

GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd

GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd

GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd

GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd

GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd

v2.4.12

Sep 16, 2022 GO-2023-1520 +14 more

GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd

GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd

GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd

GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd

GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd

GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2

GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2

GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2

GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2

GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2

GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd

GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd

GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd

GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd

GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd

v2.4.11

Aug 22, 2022 GO-2023-1520 +14 more

GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd

GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd

GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd

GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd

GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd

GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2

GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2

GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2

GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2

GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2

GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd

GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd

GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd

GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd

GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd

v2.4.10

Aug 17, 2022 GO-2023-1520 +14 more

GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd

GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd

GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd

GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd

GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd

GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2

GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2

GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2

GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2

GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2

GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd

GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd

GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd

GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd

GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd

v2.4.9

Aug 11, 2022 GO-2023-1520 +14 more

GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd

GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd

GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd

GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd

GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd

GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2

GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2

GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2

GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2

GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2

GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd

GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd

GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd

GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd

GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd

v2.4.8

Jul 29, 2022 GO-2023-1520 +14 more

GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd

GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd

GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd

GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd

GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd

GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2

GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2

GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2

GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2

GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2

GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd

GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd

GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd

GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd

GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd

v2.4.7

Jul 18, 2022 GO-2023-1520 +14 more

GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd

GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd

GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd

GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd

GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd

GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2

GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2

GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2

GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2

GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2

GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd

GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd

GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd

GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd

GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd

v2.4.6

Jul 12, 2022 GO-2023-1520 +14 more

GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd

GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd

GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd

GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd

GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd

GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2

GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2

GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2

GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2

GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2

GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd

GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd

GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd

GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd

GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd

v2.4.5

Jul 12, 2022 GO-2023-1520 +14 more

GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd

GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd

GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd

GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd

GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd

GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2

GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2

GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2

GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2

GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2

GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd

GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd

GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd

GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd

GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd

v2.4.4

Jul 7, 2022 GO-2022-0517 +16 more

GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd

GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd

GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd

GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd

GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd

GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd

GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd

GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2

GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2

GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2

GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2

GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2

GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd

GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd

GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd

GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd

GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd

v2.4.3

Jun 27, 2022 GO-2022-0517 +16 more

GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd

GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd

GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd

GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd

GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd

GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd

GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd

GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2

GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2

GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2

GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2

GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2

GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd

GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd

GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd

GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd

GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd

v2.4.2

Jun 21, 2022 GO-2022-0517 +16 more

GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd

GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd

GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd

GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd

GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd

GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd

GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd

GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2

GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2

GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2

GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2

GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2

GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd

GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd

GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd

GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd

GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd

v2.4.1

Jun 21, 2022 GO-2022-0517 +16 more

GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd

GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd

GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd

GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd

GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd

GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd

GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd

GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2

GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2

GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2

GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2

GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2

GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd

GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd

GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd

GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd

GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd

v2.4.0

Jun 10, 2022 GO-2022-0495 +20 more

GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd

GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd

GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd

GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd

GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd

GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd

GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd

GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd

GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd

GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd

GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd

GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2

GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2

GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2

GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2

GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2

GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd

GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd

GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd

GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd

GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd

Changes in this version

+ const ApplicationSetReasonApplicationGenerated

+ const ApplicationSetReasonApplicationParamsGenerationError

+ const ApplicationSetReasonApplicationSetUpToDate

+ const ApplicationSetReasonApplicationValidationError

+ const ApplicationSetReasonCreateApplicationError

+ const ApplicationSetReasonDeleteApplicationError

+ const ApplicationSetReasonErrorOccurred

+ const ApplicationSetReasonParametersGenerated

+ const ApplicationSetReasonRefreshApplicationError

+ const ApplicationSetReasonRenderTemplateParamsError

+ const ApplicationSetReasonUpdateApplicationError

+ var AddToScheme = SchemeBuilder.AddToScheme

+ var GroupVersion = schema.GroupVersion

+ var SchemeBuilder = &scheme.Builder

+ type ApplicationSet struct

+ Spec ApplicationSetSpec

+ Status ApplicationSetStatus

+ func (a *ApplicationSet) RefreshRequired() bool

+ func (in *ApplicationSet) DeepCopy() *ApplicationSet

+ func (in *ApplicationSet) DeepCopyInto(out *ApplicationSet)

+ func (in *ApplicationSet) DeepCopyObject() runtime.Object

+ type ApplicationSetCondition struct

+ LastTransitionTime *metav1.Time

+ Message string

+ Reason string

+ Status ApplicationSetConditionStatus

+ Type ApplicationSetConditionType

+ func (in *ApplicationSetCondition) DeepCopy() *ApplicationSetCondition

+ func (in *ApplicationSetCondition) DeepCopyInto(out *ApplicationSetCondition)

+ type ApplicationSetConditionStatus string

+ const ApplicationSetConditionStatusFalse

+ const ApplicationSetConditionStatusTrue

+ const ApplicationSetConditionStatusUnknown

+ type ApplicationSetConditionType string

+ const ApplicationSetConditionErrorOccurred

+ const ApplicationSetConditionParametersGenerated

+ const ApplicationSetConditionResourcesUpToDate

+ type ApplicationSetGenerator struct

+ ClusterDecisionResource *DuckTypeGenerator

+ Clusters *ClusterGenerator

+ Git *GitGenerator

+ List *ListGenerator

+ Matrix *MatrixGenerator

+ Merge *MergeGenerator

+ PullRequest *PullRequestGenerator

+ SCMProvider *SCMProviderGenerator

+ func (in *ApplicationSetGenerator) DeepCopy() *ApplicationSetGenerator

+ func (in *ApplicationSetGenerator) DeepCopyInto(out *ApplicationSetGenerator)

+ type ApplicationSetList struct

+ Items []ApplicationSet

+ func (in *ApplicationSetList) DeepCopy() *ApplicationSetList

+ func (in *ApplicationSetList) DeepCopyInto(out *ApplicationSetList)

+ func (in *ApplicationSetList) DeepCopyObject() runtime.Object

+ type ApplicationSetNestedGenerator struct

+ ClusterDecisionResource *DuckTypeGenerator

+ Clusters *ClusterGenerator

+ Git *GitGenerator

+ List *ListGenerator

+ Matrix *apiextensionsv1.JSON

+ Merge *apiextensionsv1.JSON

+ PullRequest *PullRequestGenerator

+ SCMProvider *SCMProviderGenerator

+ func (in *ApplicationSetNestedGenerator) DeepCopy() *ApplicationSetNestedGenerator

+ func (in *ApplicationSetNestedGenerator) DeepCopyInto(out *ApplicationSetNestedGenerator)

+ type ApplicationSetNestedGenerators []ApplicationSetNestedGenerator

+ func (in ApplicationSetNestedGenerators) DeepCopy() ApplicationSetNestedGenerators

+ func (in ApplicationSetNestedGenerators) DeepCopyInto(out *ApplicationSetNestedGenerators)

+ type ApplicationSetReasonType string

+ type ApplicationSetSpec struct

+ Generators []ApplicationSetGenerator

+ SyncPolicy *ApplicationSetSyncPolicy

+ Template ApplicationSetTemplate

+ func (in *ApplicationSetSpec) DeepCopy() *ApplicationSetSpec

+ func (in *ApplicationSetSpec) DeepCopyInto(out *ApplicationSetSpec)

+ type ApplicationSetStatus struct

+ Conditions []ApplicationSetCondition

+ func (in *ApplicationSetStatus) DeepCopy() *ApplicationSetStatus

+ func (in *ApplicationSetStatus) DeepCopyInto(out *ApplicationSetStatus)

+ func (status *ApplicationSetStatus) SetConditions(conditions []ApplicationSetCondition, ...)

+ type ApplicationSetSyncPolicy struct

+ PreserveResourcesOnDeletion bool

+ func (in *ApplicationSetSyncPolicy) DeepCopy() *ApplicationSetSyncPolicy

+ func (in *ApplicationSetSyncPolicy) DeepCopyInto(out *ApplicationSetSyncPolicy)

+ type ApplicationSetTemplate struct

+ Spec v1alpha1.ApplicationSpec

+ func (in *ApplicationSetTemplate) DeepCopy() *ApplicationSetTemplate

+ func (in *ApplicationSetTemplate) DeepCopyInto(out *ApplicationSetTemplate)

+ type ApplicationSetTemplateMeta struct

+ Annotations map[string]string

+ Finalizers []string

+ Labels map[string]string

+ Name string

+ Namespace string

+ func (in *ApplicationSetTemplateMeta) DeepCopy() *ApplicationSetTemplateMeta

+ func (in *ApplicationSetTemplateMeta) DeepCopyInto(out *ApplicationSetTemplateMeta)

+ type ApplicationSetTerminalGenerator struct

+ ClusterDecisionResource *DuckTypeGenerator

+ Clusters *ClusterGenerator

+ Git *GitGenerator

+ List *ListGenerator

+ PullRequest *PullRequestGenerator

+ SCMProvider *SCMProviderGenerator

+ func (in *ApplicationSetTerminalGenerator) DeepCopy() *ApplicationSetTerminalGenerator

+ func (in *ApplicationSetTerminalGenerator) DeepCopyInto(out *ApplicationSetTerminalGenerator)

+ type ApplicationSetTerminalGenerators []ApplicationSetTerminalGenerator

+ func (in ApplicationSetTerminalGenerators) DeepCopy() ApplicationSetTerminalGenerators

+ func (in ApplicationSetTerminalGenerators) DeepCopyInto(out *ApplicationSetTerminalGenerators)

+ type BasicAuthBitbucketServer struct

+ PasswordRef *SecretRef

+ Username string

+ func (in *BasicAuthBitbucketServer) DeepCopy() *BasicAuthBitbucketServer

+ func (in *BasicAuthBitbucketServer) DeepCopyInto(out *BasicAuthBitbucketServer)

+ type ClusterGenerator struct

+ Selector metav1.LabelSelector

+ Template ApplicationSetTemplate

+ Values map[string]string

+ func (in *ClusterGenerator) DeepCopy() *ClusterGenerator

+ func (in *ClusterGenerator) DeepCopyInto(out *ClusterGenerator)

+ type DuckTypeGenerator struct

+ ConfigMapRef string

+ LabelSelector metav1.LabelSelector

+ Name string

+ RequeueAfterSeconds *int64

+ Template ApplicationSetTemplate

+ Values map[string]string

+ func (in *DuckTypeGenerator) DeepCopy() *DuckTypeGenerator

+ func (in *DuckTypeGenerator) DeepCopyInto(out *DuckTypeGenerator)

+ type GitDirectoryGeneratorItem struct

+ Exclude bool

+ Path string

+ func (in *GitDirectoryGeneratorItem) DeepCopy() *GitDirectoryGeneratorItem

+ func (in *GitDirectoryGeneratorItem) DeepCopyInto(out *GitDirectoryGeneratorItem)

+ type GitFileGeneratorItem struct

+ Path string

+ func (in *GitFileGeneratorItem) DeepCopy() *GitFileGeneratorItem

+ func (in *GitFileGeneratorItem) DeepCopyInto(out *GitFileGeneratorItem)

+ type GitGenerator struct

+ Directories []GitDirectoryGeneratorItem

+ Files []GitFileGeneratorItem

+ RepoURL string

+ RequeueAfterSeconds *int64

+ Revision string

+ Template ApplicationSetTemplate

+ func (in *GitGenerator) DeepCopy() *GitGenerator

+ func (in *GitGenerator) DeepCopyInto(out *GitGenerator)

+ type ListGenerator struct

+ Elements []apiextensionsv1.JSON

+ Template ApplicationSetTemplate

+ func (in *ListGenerator) DeepCopy() *ListGenerator

+ func (in *ListGenerator) DeepCopyInto(out *ListGenerator)

+ type MatrixGenerator struct

+ Generators []ApplicationSetNestedGenerator

+ Template ApplicationSetTemplate

+ func (in *MatrixGenerator) DeepCopy() *MatrixGenerator

+ func (in *MatrixGenerator) DeepCopyInto(out *MatrixGenerator)

+ type MergeGenerator struct

+ Generators []ApplicationSetNestedGenerator

+ MergeKeys []string

+ Template ApplicationSetTemplate

+ func (in *MergeGenerator) DeepCopy() *MergeGenerator

+ func (in *MergeGenerator) DeepCopyInto(out *MergeGenerator)

+ type NestedMatrixGenerator struct

+ Generators ApplicationSetTerminalGenerators

+ func ToNestedMatrixGenerator(j *apiextensionsv1.JSON) (*NestedMatrixGenerator, error)

+ func (g NestedMatrixGenerator) ToMatrixGenerator() *MatrixGenerator

+ func (in *NestedMatrixGenerator) DeepCopy() *NestedMatrixGenerator

+ func (in *NestedMatrixGenerator) DeepCopyInto(out *NestedMatrixGenerator)

+ type NestedMergeGenerator struct

+ Generators ApplicationSetTerminalGenerators

+ MergeKeys []string

+ func ToNestedMergeGenerator(j *apiextensionsv1.JSON) (*NestedMergeGenerator, error)

+ func (g NestedMergeGenerator) ToMergeGenerator() *MergeGenerator

+ func (in *NestedMergeGenerator) DeepCopy() *NestedMergeGenerator

+ func (in *NestedMergeGenerator) DeepCopyInto(out *NestedMergeGenerator)

+ type PullRequestGenerator struct

+ BitbucketServer *PullRequestGeneratorBitbucketServer

+ Filters []PullRequestGeneratorFilter

+ Gitea *PullRequestGeneratorGitea

+ Github *PullRequestGeneratorGithub

+ RequeueAfterSeconds *int64

+ Template ApplicationSetTemplate

+ func (in *PullRequestGenerator) DeepCopy() *PullRequestGenerator

+ func (in *PullRequestGenerator) DeepCopyInto(out *PullRequestGenerator)

+ type PullRequestGeneratorBitbucketServer struct

+ API string

+ BasicAuth *BasicAuthBitbucketServer

+ Project string

+ Repo string

+ func (in *PullRequestGeneratorBitbucketServer) DeepCopy() *PullRequestGeneratorBitbucketServer

+ func (in *PullRequestGeneratorBitbucketServer) DeepCopyInto(out *PullRequestGeneratorBitbucketServer)

+ type PullRequestGeneratorFilter struct

+ BranchMatch *string

+ func (in *PullRequestGeneratorFilter) DeepCopy() *PullRequestGeneratorFilter

+ func (in *PullRequestGeneratorFilter) DeepCopyInto(out *PullRequestGeneratorFilter)

+ type PullRequestGeneratorGitea struct

+ API string

+ Insecure bool

+ Owner string

+ Repo string

+ TokenRef *SecretRef

+ func (in *PullRequestGeneratorGitea) DeepCopy() *PullRequestGeneratorGitea

+ func (in *PullRequestGeneratorGitea) DeepCopyInto(out *PullRequestGeneratorGitea)

+ type PullRequestGeneratorGithub struct

+ API string

+ Labels []string

+ Owner string

+ Repo string

+ TokenRef *SecretRef

+ func (in *PullRequestGeneratorGithub) DeepCopy() *PullRequestGeneratorGithub

+ func (in *PullRequestGeneratorGithub) DeepCopyInto(out *PullRequestGeneratorGithub)

+ type SCMProviderGenerator struct

+ Bitbucket *SCMProviderGeneratorBitbucket

+ BitbucketServer *SCMProviderGeneratorBitbucketServer

+ CloneProtocol string

+ Filters []SCMProviderGeneratorFilter

+ Gitea *SCMProviderGeneratorGitea

+ Github *SCMProviderGeneratorGithub

+ Gitlab *SCMProviderGeneratorGitlab

+ RequeueAfterSeconds *int64

+ Template ApplicationSetTemplate

+ func (in *SCMProviderGenerator) DeepCopy() *SCMProviderGenerator

+ func (in *SCMProviderGenerator) DeepCopyInto(out *SCMProviderGenerator)

+ type SCMProviderGeneratorBitbucket struct

+ AllBranches bool

+ AppPasswordRef *SecretRef

+ Owner string

+ User string

+ func (in *SCMProviderGeneratorBitbucket) DeepCopy() *SCMProviderGeneratorBitbucket

+ func (in *SCMProviderGeneratorBitbucket) DeepCopyInto(out *SCMProviderGeneratorBitbucket)

+ type SCMProviderGeneratorBitbucketServer struct

+ API string

+ AllBranches bool

+ BasicAuth *BasicAuthBitbucketServer

+ Project string

+ func (in *SCMProviderGeneratorBitbucketServer) DeepCopy() *SCMProviderGeneratorBitbucketServer

+ func (in *SCMProviderGeneratorBitbucketServer) DeepCopyInto(out *SCMProviderGeneratorBitbucketServer)

+ type SCMProviderGeneratorFilter struct

+ BranchMatch *string

+ LabelMatch *string

+ PathsDoNotExist []string

+ PathsExist []string

+ RepositoryMatch *string

+ func (in *SCMProviderGeneratorFilter) DeepCopy() *SCMProviderGeneratorFilter

+ func (in *SCMProviderGeneratorFilter) DeepCopyInto(out *SCMProviderGeneratorFilter)

+ type SCMProviderGeneratorGitea struct

+ API string

+ AllBranches bool

+ Insecure bool

+ Owner string

+ TokenRef *SecretRef

+ func (in *SCMProviderGeneratorGitea) DeepCopy() *SCMProviderGeneratorGitea

+ func (in *SCMProviderGeneratorGitea) DeepCopyInto(out *SCMProviderGeneratorGitea)

+ type SCMProviderGeneratorGithub struct

+ API string

+ AllBranches bool

+ Organization string

+ TokenRef *SecretRef

+ func (in *SCMProviderGeneratorGithub) DeepCopy() *SCMProviderGeneratorGithub

+ func (in *SCMProviderGeneratorGithub) DeepCopyInto(out *SCMProviderGeneratorGithub)

+ type SCMProviderGeneratorGitlab struct

+ API string

+ AllBranches bool

+ Group string

+ IncludeSubgroups bool

+ TokenRef *SecretRef

+ func (in *SCMProviderGeneratorGitlab) DeepCopy() *SCMProviderGeneratorGitlab

+ func (in *SCMProviderGeneratorGitlab) DeepCopyInto(out *SCMProviderGeneratorGitlab)

+ type SecretRef struct

+ Key string

+ SecretName string

+ func (in *SecretRef) DeepCopy() *SecretRef

+ func (in *SecretRef) DeepCopyInto(out *SecretRef)

v2.4.0-rc5

Jun 6, 2022 GO-2023-1670 +9 more

GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd

GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd

GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2

GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2

GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2

GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2

GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd

GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd

GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd

GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd

v2.4.0-rc4

Jun 1, 2022 GO-2023-1670 +9 more

GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd

GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd

GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2

GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2

GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2

GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2

GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd

GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd

GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd

GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd

v2.4.0-rc3

May 31, 2022 GO-2023-1670 +9 more

GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd

GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd

GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2

GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2

GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2

GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2

GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd

GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd

GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd

GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd

v2.4.0-rc2

May 18, 2022 GO-2023-1670 +9 more

GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd

GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd

GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2

GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2

GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2

GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2

GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd

GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd

GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd

GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd

v2.4.0-rc1

May 6, 2022 GO-2023-1670 +9 more

GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd

GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd

GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2

GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2

GO-2024-2652: Brute force protection bypass in github.com/argoproj/argo-cd/v2

GO-2024-2654: Denial of service in github.com/argoproj/argo-cd/v2

GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd

GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd

GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd

GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd