Go to main page
Versions in this module
v1
Mar 3, 2021 GO-2022-0304 +30 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Feb 26, 2021 GO-2022-0304 +31 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Feb 20, 2021 GO-2022-0304 +32 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Changes in this version
type ApplicationTree
type ResourceDiff
type ResourceNode
Feb 5, 2021 GO-2022-0304 +32 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Jan 21, 2021 GO-2022-0304 +32 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Jan 10, 2021 GO-2022-0304 +32 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Dec 10, 2020 GO-2022-0304 +31 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Dec 9, 2020 GO-2022-0304 +31 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Changes in this version
type ApplicationSource
type ApplicationSourceDirectory
type ApplicationSourceHelm
type ApplicationSourceKsonnet
type ApplicationSourceKustomize
type ClusterConfig
type Repository
type SyncPolicyAutomated
Dec 3, 2020 GO-2022-0304 +29 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Nov 25, 2020 GO-2022-0304 +29 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Mar 3, 2021 GO-2022-0304 +29 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Feb 26, 2021 GO-2022-0304 +30 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Feb 5, 2021 GO-2022-0304 +31 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Dec 10, 2020 GO-2022-0304 +31 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Nov 20, 2020 GO-2022-0304 +31 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Nov 17, 2020 GO-2022-0304 +31 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Oct 15, 2020 GO-2022-0304 +31 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Sep 29, 2020 GO-2022-0304 +31 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Sep 19, 2020 GO-2022-0304 +31 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Sep 15, 2020 GO-2022-0304 +31 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Sep 5, 2020 GO-2022-0304 +31 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Sep 1, 2020 GO-2022-0304 +31 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Aug 27, 2020 GO-2022-0304 +31 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Aug 26, 2020 GO-2022-0304 +31 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Aug 25, 2020 GO-2022-0304 +31 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Changes in this version
type AppProject
type ApplicationDestination
type ApplicationSourceJsonnet
type Cluster
type OperationState
type OrphanedResourcesMonitorSettings
type ResourceNode
type ResourceOverride
type RevisionHistories
type RevisionHistory
type RevisionMetadata
type SyncOperationResource
type SyncPolicy
Aug 15, 2020 GO-2022-0304 +31 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Jul 31, 2020 GO-2022-0304 +31 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Jun 19, 2020 GO-2022-0304 +31 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Jun 16, 2020 GO-2022-0304 +31 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Changes in this version
type Operation
Jun 9, 2020 GO-2022-0304 +31 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Jun 2, 2020 GO-2022-0304 +31 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Jun 16, 2020 GO-2022-0304 +31 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Jun 9, 2020 GO-2022-0304 +31 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Jun 2, 2020 GO-2022-0304 +31 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
May 16, 2020 GO-2022-0304 +31 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
May 5, 2020 GO-2022-0304 +31 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
May 2, 2020 GO-2022-0304 +31 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Changes in this version
type AppProjectSpec
type ApplicationSourceKustomize
type JWTToken
type KustomizeOptions
type ResourceOverride
Apr 15, 2020 GO-2022-0304 +31 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Apr 6, 2020 GO-2022-0304 +31 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Apr 2, 2020 GO-2022-0304 +33 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0358: Path traversal allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0882: Observable Discrepancy in Argo in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Changes in this version
type ApplicationSourceHelm
type Cluster
type Operation
type SyncOperation
Mar 30, 2020 GO-2022-0304 +31 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Mar 26, 2020 GO-2022-0304 +31 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Mar 20, 2020 GO-2022-0304 +31 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Apr 15, 2020 GO-2022-0304 +32 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Jan 24, 2020 GO-2022-0304 +32 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Jan 22, 2020 GO-2022-0304 +32 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Jan 18, 2020 GO-2022-0304 +32 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Changes in this version
type AWSAuthConfig
type AppProject
type AppProjectList
type AppProjectSpec
type Application
type ApplicationCondition
type ApplicationDestination
type ApplicationList
type ApplicationSource
type ApplicationSourceDirectory
type ApplicationSourceHelm
type ApplicationSourceJsonnet
type ApplicationSourceKsonnet
type ApplicationSourceKustomize
type ApplicationSourcePlugin
type ApplicationSpec
type ApplicationStatus
type ApplicationSummary
type ApplicationTree
type ApplicationWatchEvent
type Cluster
type ClusterConfig
type ClusterList
type ComparedTo
type ComponentParameter
type ConfigManagementPlugin
type ConnectionState
type HealthStatus
type HelmParameter
type JsonnetVar
type KsonnetParameter
type KustomizeOptions
type Operation
type OperationState
type OrphanedResourcesMonitorSettings
type ProjectRole
type RepoCreds
type RepoCredsList
type Repository
type RepositoryCertificate
type RepositoryCertificateList
type RepositoryList
type ResourceAction
type ResourceActionDefinition
type ResourceActionParam
type ResourceActions
type ResourceDiff
type ResourceIgnoreDifferences
type ResourceNetworkingInfo
type ResourceNode
type ResourceOverride
type ResourceRef
type ResourceResult
type ResourceStatus
type RevisionHistory
type RevisionMetadata
type SyncOperation
type SyncOperationResource
type SyncOperationResult
type SyncPolicy
type SyncPolicyAutomated
type SyncStatus
type SyncStrategy
type SyncStrategyApply
type SyncStrategyHook
type SyncWindow
type TLSClientConfig
Jan 13, 2020 GO-2022-0304 +32 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Dec 10, 2019 GO-2022-0304 +32 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Dec 9, 2019 GO-2022-0304 +32 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Dec 5, 2019 GO-2022-0304 +32 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Dec 5, 2019 GO-2022-0304 +32 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Dec 3, 2019 GO-2022-0304 +32 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Dec 2, 2019 GO-2022-0304 +32 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Nov 13, 2019 GO-2022-0304 +32 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0357: Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
GO-2022-0499: Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Nov 11, 2019 GO-2022-0304 +30 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Nov 4, 2019 GO-2022-0304 +30 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Oct 29, 2019 GO-2022-0304 +30 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Oct 23, 2019 GO-2022-0304 +30 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Oct 16, 2019 GO-2022-0304 +30 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Oct 29, 2019 GO-2022-0304 +30 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Oct 22, 2019 GO-2022-0304 +30 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Changes in this version
type AppProjectSpec
type ApplicationCondition
type ApplicationSourceHelm
type ApplicationSourceKustomize
type ApplicationStatus
type ApplicationTree
type Cluster
type Env
type HelmParameter
type HookDeletePolicy
type HookType
type JsonnetVar
type OperationPhase
type Repository
type ResourceAction
Oct 1, 2019 GO-2022-0304 +30 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Sep 24, 2019 GO-2022-0304 +30 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Sep 12, 2019 GO-2022-0304 +30 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Sep 4, 2019 GO-2022-0304 +30 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Changes in this version
type AppProject
type ApplicationSourceKustomize
type HelmParameter
type HookType
type Repository
type ResourceDiff
type ResourceStatus
type SyncPolicyAutomated
Aug 21, 2019 GO-2022-0304 +30 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Aug 6, 2019 GO-2022-0304 +30 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2643: Bypass manifest during application creation in github.com/argoproj/argo-cd/v2
GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Jul 30, 2019 GO-2022-0304 +29 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Jul 24, 2019 GO-2022-0304 +29 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Jul 22, 2019 GO-2022-0304 +29 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Changes in this version
type ApplicationSourceHelm
type ApplicationSourceKustomize
type ApplicationSpec
type ResourceRef
type ResourceResult
type SyncStrategy
Jul 19, 2019 GO-2022-0304 +29 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Jul 17, 2019 GO-2022-0304 +29 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Jul 16, 2019 GO-2022-0304 +29 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Jul 9, 2019 GO-2022-0304 +29 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Jul 3, 2019 GO-2022-0304 +29 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Jun 28, 2019 GO-2022-0304 +29 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Jun 21, 2019 GO-2022-0304 +29 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Jun 14, 2019 GO-2022-0304 +29 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Jun 14, 2019 GO-2022-0304 +29 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
May 28, 2019 GO-2022-0304 +29 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
May 16, 2019 GO-2022-0304 +29 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0498: Argo CD's external URLs for Deployments can include JavaScript in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Changes in this version
type AppProjectSpec
type ApplicationStatus
type Repository
type ResourceNode
type ResourceOverride
May 9, 2019 GO-2022-0304 +26 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Apr 30, 2019 GO-2022-0304 +26 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Apr 24, 2019 GO-2022-0304 +26 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
v0
Apr 30, 2019 GO-2022-0304 +26 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Apr 22, 2019 GO-2022-0304 +26 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Apr 9, 2019 GO-2022-0304 +26 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Changes in this version
type ApplicationSourceKustomize
Mar 22, 2019 GO-2022-0304 +26 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Changes in this version
type ApplicationSource
type ApplicationSourceHelm
type ApplicationSourceKsonnet
type ApplicationSourceKustomize
type ApplicationSourceType
type ApplicationSpec
type HealthStatusCode
type Repository
type RevisionHistory
type SyncOperation
type SyncOperationResult
Mar 20, 2019 GO-2022-0304 +26 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Mar 19, 2019 GO-2022-0304 +26 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Mar 12, 2019 GO-2022-0304 +26 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Mar 7, 2019 GO-2022-0304 +26 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Mar 6, 2019 GO-2022-0304 +26 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Mar 5, 2019 GO-2022-0304 +26 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Feb 19, 2019 GO-2022-0304 +26 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Jan 18, 2019 GO-2022-0304 +26 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Changes in this version
type ApplicationSourceHelm
type ApplicationSourceKsonnet
type ApplicationSourceKustomize
Jan 10, 2019 GO-2022-0304 +26 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0497: Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Changes in this version
type Application
type ApplicationDestination
type ApplicationSource
type HealthStatus
type ProjectRole
type ResourceNode
+
ID int64
Jan 10, 2019 GO-2022-0304 +24 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Jan 8, 2019 GO-2022-0304 +24 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Jan 4, 2019 GO-2022-0304 +24 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Jan 3, 2019 GO-2022-0304 +24 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Dec 28, 2018 GO-2022-0304 +24 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Dec 10, 2018 GO-2022-0304 +24 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Nov 15, 2018 GO-2022-0304 +24 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Nov 14, 2018 GO-2022-0304 +24 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Nov 8, 2018 GO-2022-0304 +24 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Oct 29, 2018 GO-2022-0304 +24 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Oct 25, 2018 GO-2022-0304 +24 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Oct 24, 2018 GO-2022-0304 +24 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Oct 19, 2018 GO-2022-0304 +24 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Changes in this version
type SyncOperation
Sep 28, 2018 GO-2022-0304 +24 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Sep 24, 2018 GO-2022-0304 +24 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Sep 24, 2018 GO-2022-0304 +24 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Changes in this version
type AppProject
type AppProjectList
type AppProjectSpec
type Application
type ApplicationCondition
type ApplicationDestination
type ApplicationList
type ApplicationSource
type ApplicationSpec
type ApplicationStatus
type ApplicationWatchEvent
type Cluster
type ClusterConfig
type ClusterList
type ComparisonResult
type ComponentParameter
type ConnectionState
type DeploymentInfo
type HealthStatus
type HookStatus
type JWTToken
type Operation
type OperationState
type ProjectRole
type Repository
type RepositoryList
type ResourceDetails
type ResourceNode
type ResourceState
type RollbackOperation
type SyncOperation
type SyncOperationResult
type SyncStrategy
type SyncStrategyApply
type SyncStrategyHook
type TLSClientConfig
Sep 12, 2018 GO-2022-0304 +24 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Sep 10, 2018 GO-2022-0304 +24 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Sep 5, 2018 GO-2022-0304 +24 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Changes in this version
type AppProject
type AppProjectSpec
Aug 21, 2018 GO-2022-0304 +24 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Aug 3, 2018 GO-2022-0304 +24 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Jul 28, 2018 GO-2022-0304 +24 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0495: DoS through large manifest files in Argo CD in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Changes in this version
type ApplicationSource
Jul 21, 2018 GO-2022-0304 +23 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Jul 18, 2018 GO-2022-0304 +23 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Jul 17, 2018 GO-2022-0304 +23 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Changes in this version
type ApplicationCondition
type ApplicationSpec
type ApplicationStatus
type OperationPhase
type ResourceSyncStatus
type SyncOperation
Jun 27, 2018 GO-2022-0304 +23 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Jun 20, 2018 GO-2022-0304 +23 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Jun 14, 2018 GO-2022-0304 +23 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Jun 13, 2018 GO-2022-0304 +23 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Jun 12, 2018 GO-2022-0304 +23 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0359: Improper access control allows admin privilege escalation in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0516: Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Changes in this version
type Cluster
type Repository
type ResourceDetails
Jun 7, 2018 GO-2022-0304 +20 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Jun 6, 2018 GO-2022-0304 +20 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
May 31, 2018 GO-2022-0304 +20 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
May 30, 2018 GO-2022-0304 +20 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Changes in this version
type Cluster
type Repository
May 21, 2018 GO-2022-0304 +20 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
May 21, 2018 GO-2022-0304 +20 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
May 18, 2018 GO-2022-0304 +20 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
May 17, 2018 GO-2022-0304 +20 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0518: Argo CD certificate verification is skipped for connections to OIDC providers in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
May 11, 2018 GO-2022-0304 +19 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
May 3, 2018 GO-2022-0304 +19 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
May 1, 2018 GO-2022-0304 +19 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Apr 24, 2018 GO-2022-0304 +19 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Changes in this version
type DeploymentInfo
+
ID int64
Apr 23, 2018 GO-2022-0304 +19 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Changes in this version
type ApplicationSpec
type ApplicationStatus
type ResourceState
Mar 29, 2018 GO-2022-0304 +19 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd
Changes in this version
Mar 12, 2018 GO-2022-0304 +19 more
GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd
GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd
GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd
GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd
GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd
GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd
GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd
GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd