Affected by GO-2022-0388
and 4 other vulnerabilities
GO-2022-0388: Argo Server TLS requests could be forged by attacker with network access in github.com/argoproj/argo-workflows
GO-2022-0405: Potential privilege escalation on Kubernetes >= v1.19 when the Argo Sever is run with `--auth-mode=client` in github.com/argoproj/argo-workflows
GO-2022-0928: Workflow re-write vulnerability using input parameter in github.com/argoproj/argo-workflows
GO-2024-3226: Argo Workflows Controller: Denial of Service via malicious daemon Workflows in github.com/argoproj/argo-workflows
GO-2024-3303: Argo Workflows Allows Access to Archived Workflows with Fake Token in `client` mode in github.com/argoproj/argo-workflows
ResolveServerNamespace resolves server and namespace to use given an application spec,
and a manifest response. It looks to explicit server/namespace overridden in the app CRD spec
and falls back to the server/namespace defined in the ksonnet environment