Ecosyste.ms: Packages

An open API service providing package, version and dependency metadata of many open source software ecosystems and registries.

Top 0.5% on proxy.golang.org
Top 0.5% dependent packages on proxy.golang.org
Top 1.0% dependent repos on proxy.golang.org
Top 0.1% forks on proxy.golang.org
Top 0.5% docker downloads on proxy.golang.org

proxy.golang.org : github.com/argoproj/argo-cd

Declarative continuous deployment for Kubernetes.

Registry - Source - Documentation - JSON
purl: pkg:golang/github.com/argoproj/argo-cd
Keywords: argo, argo-cd, cd, ci-cd, cicd, continuous-delivery, continuous-deployment, devops, docker, gitops, hacktoberfest, helm, ksonnet, kubernetes, pipeline
License: Apache-2.0
Latest release: about 3 years ago
First release: about 6 years ago
Namespace: github.com/argoproj
Dependent packages: 77
Dependent repositories: 31
Stars: 12,446 on GitHub
Forks: 3,604 on GitHub
Docker dependents: 20
Docker downloads: 1,665,719
See more repository details: repos.ecosyste.ms
Last synced: 2 days ago

High
GSA_kwCzR0hTQS02M3F4LXg3NGctamNyN80oiQ
Path traversal and dereference of symlinks in Argo CD
Ecosystems: go
Packages: github.com/argoproj/argo-cd, github.com/argoproj/argo-cd/v2
Source: github
Published: about 2 years ago
High
GSA_kwCzR0hTQS02djg1LXdyOTItcTRwN84AA6Gh
Denial of Service (DoS) Vulnerability Due to Unsafe Array Modification in Multi-threaded Environment
Ecosystems: go
Packages: github.com/argoproj/argo-cd
Source: github
Published: about 1 month ago
Critical
GSA_kwCzR0hTQS1qd3Y1LThtcXYtZzM4N84AA6CM
Cross-site scripting on application summary component
Ecosystems: go
Packages: github.com/argoproj/argo-cd/v2, github.com/argoproj/argo-cd
Source: github
Published: about 2 months ago
Moderate
GSA_kwCzR0hTQS1nNjIzLWpjZ2ctbWhtbc4AA6Bz
Users with `create` but not `override` privileges can perform local sync
Ecosystems: go
Packages: github.com/argoproj/argo-cd/v2, github.com/argoproj/argo-cd
Source: github
Published: about 2 months ago
Moderate
GSA_kwCzR0hTQS14bWc4LTk5cjgtamMyas4AAgd9
Login screen allows message spoofing if SSO is enabled
Ecosystems: go
Packages: github.com/argoproj/argo-cd, github.com/argoproj/argo-cd/v2
Source: github
Published: almost 2 years ago
High
GSA_kwCzR0hTQS0ybTdoLTg2cXEtZnA0ds4AAs5Y
Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params
Ecosystems: go
Packages: github.com/argoproj/argo-cd/v2, github.com/argoproj/argo-cd
Source: github
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1xNHc1LTRncTItOTh2bc4AAs5a
Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server
Ecosystems: go
Packages: github.com/argoproj/argo-cd/v2, github.com/argoproj/argo-cd
Source: github
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1tdjZ3LWo0eGMtcXBmd84AAxfx
Argo CD leaks repository credentials in user-facing error messages and in logs
Ecosystems: go
Packages: github.com/argoproj/argo-cd/v2, github.com/argoproj/argo-cd
Source: github
Published: about 1 year ago
High
GSA_kwCzR0hTQS1yOWNyLWh2amotNDk2ds01gg
Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server
Ecosystems: go
Packages: github.com/argoproj/argo-cd
Source: github
Published: about 2 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZqNTQtY2pyeC14Njk2
Observable Discrepancy in Argo
Ecosystems: go
Packages: github.com/argoproj/argo-cd
Source: github
Published: over 2 years ago
Moderate
GSA_kwCzR0hTQS1oNmg1LTZmbXEtcmgyOM01gw
Path traversal allows leaking out-of-bound files from Argo CD repo-server
Ecosystems: go
Packages: github.com/argoproj/argo-cd
Source: github
Published: about 2 years ago
High
GSA_kwCzR0hTQS05Mm13LXEyNTYtNXZ3Z84AA4lC
github.com/argoproj/argo-cd Cross-Site Request Forgery vulnerability
Ecosystems: go
Packages: github.com/argoproj/argo-cd/v2, github.com/argoproj/argo-cd
Source: github
Published: 3 months ago
Critical
GSA_kwCzR0hTQS1xOWhyLWo0cmYtOGZqY84AAxJD
JWT audience claim is not verified
Ecosystems: go
Packages: github.com/argoproj/argo-cd
Source: github
Published: over 1 year ago
High
GSA_kwCzR0hTQS03OTQzLTgyamctd213Nc4AAtUJ
Argo CD certificate verification is skipped for connections to OIDC providers
Ecosystems: go
Packages: github.com/argoproj/argo-cd
Source: github
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS0yZjV2LThyM2YtOHB3d801hA
Improper access control allows admin privilege escalation in Argo CD
Ecosystems: go
Packages: github.com/argoproj/argo-cd
Source: github
Published: about 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWg4amMtam1yZi05aDhm
Argo CD Insecure default administrative password
Ecosystems: go
Packages: github.com/argoproj/argo-cd
Source: github
Published: almost 3 years ago
Moderate
GSA_kwCzR0hTQS14ajd2LWM4MnctOTJxMs4AAkND
Argo Exposure of Sensitive Information
Ecosystems: go
Packages: github.com/argoproj/argo-cd
Source: github
Published: almost 2 years ago
Low
GSA_kwCzR0hTQS1wbWpnLTUyaDktNzJxds4AAtUK
Argo CD SSO users vulnerable to Cross-site Scripting
Ecosystems: go
Packages: github.com/argoproj/argo-cd
Source: github
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1qaHFwLXZmNHctcnB3cc4AAs5e
DoS through large manifest files in Argo CD
Ecosystems: go
Packages: github.com/argoproj/argo-cd/v2, github.com/argoproj/argo-cd
Source: github
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1jOHh3LXZqZ2YtOTRocs4AA1eI
Argo CD web terminal session doesn't expire
Ecosystems: go
Packages: github.com/argoproj/argo-cd
Source: github
Published: 8 months ago
Moderate
GSA_kwCzR0hTQS02anF3LWp3ZjUtcnA4aM4AA2HB
Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server
Ecosystems: go
Packages: github.com/argoproj/argo-cd/v2, github.com/argoproj/argo-cd
Source: github
Published: 7 months ago
High
GSA_kwCzR0hTQS05Nmp2LXZqMzkteDRqNs4AAtU8
Argo CD improper access control bug can allow malicious user to escalate privileges to admin level
Ecosystems: go
Packages: github.com/argoproj/argo-cd/v2, github.com/argoproj/argo-cd
Source: github
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS1oNHc5LTZ4NzgtOHZyas4AAs5Z
Argo CD's external URLs for Deployments can include JavaScript
Ecosystems: go
Packages: github.com/argoproj/argo-cd/v2, github.com/argoproj/argo-cd
Source: github
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS1yNjQyLWd2OXAtMndqas4AAqwZ
Argo CD will blindly trust JWT claims if anonymous access is enabled
Ecosystems: go
Packages: github.com/argoproj/argo-cd, github.com/argoproj/argo-cd/v2
Source: github
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS0zamZxLTc0MncteGc4as4AAxrA
Users with any cluster secret update access may update out-of-bounds cluster secrets
Ecosystems: go
Packages: github.com/argoproj/argo-cd
Source: github
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS0ycTVjLXF3OWMtZm12cc4AAyQf
Argo CD authenticated but unauthorized users may enumerate Application names via the API
Ecosystems: go
Packages: github.com/argoproj/argo-cd/v2, github.com/argoproj/argo-cd
Source: github
Published: about 1 year ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXhjcXItOWgyNC12cmd3
Improper Restriction of Excessive Authentication Attempts in Argo API
Ecosystems: go
Packages: github.com/argoproj/argo-cd
Source: github
Published: almost 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZ3ODctZzgzOS05d3Y3
Helm OCI credentials leaked into Argo CD logs
Ecosystems: go
Packages: github.com/argoproj/argo-cd
Source: github
Published: almost 3 years ago
High
GSA_kwCzR0hTQS02cDRtLWh3MmgtNmdtd84AAxJA
Controller reconciles apps outside configured namespaces when sharding is enabled
Ecosystems: go
Packages: github.com/argoproj/argo-cd
Source: github
Published: over 1 year ago