Ecosyste.ms: Packages

An open API service providing package, version and dependency metadata of many open source software ecosystems and registries.

Top 0.4% on proxy.golang.org
Top 0.4% dependent packages on proxy.golang.org
Top 0.5% dependent repos on proxy.golang.org
Top 0.1% forks on proxy.golang.org
Top 0.6% docker downloads on proxy.golang.org

proxy.golang.org : github.com/argoproj/argo-cd/v2

Declarative continuous deployment for Kubernetes.

Registry - Source - Documentation - JSON
purl: pkg:golang/github.com/argoproj/argo-cd/v2
Keywords: argo, argo-cd, cd, ci-cd, cicd, continuous-delivery, continuous-deployment, devops, docker, gitops, hacktoberfest, helm, ksonnet, kubernetes, pipeline
License: Apache-2.0
Latest release: about 1 month ago
First release: over 1 year ago
Namespace: github.com/argoproj/argo-cd
Dependent packages: 109
Dependent repositories: 148
Stars: 12,466 on GitHub
Forks: 3,611 on GitHub
Docker dependents: 158
Docker downloads: 1,166,237
See more repository details: repos.ecosyste.ms
Last synced: about 19 hours ago

High

GSA_kwCzR0hTQS02M3F4LXg3NGctamNyN80oiQ

Path traversal and dereference of symlinks in Argo CD
Ecosystems: go
Packages: github.com/argoproj/argo-cd, github.com/argoproj/argo-cd/v2
Source: github
Published: about 2 years ago

Moderate

GSA_kwCzR0hTQS14MzJtLW12ZmotNTJ4ds4AA6Fg

Bypassing Brute Force Protection via Application Crash and In-Memory Data Loss
Ecosystems: go
Packages: github.com/argoproj/argo-cd/v2
Source: github
Published: about 1 month ago

Critical

GSA_kwCzR0hTQS1qd3Y1LThtcXYtZzM4N84AA6CM

Cross-site scripting on application summary component
Ecosystems: go
Packages: github.com/argoproj/argo-cd/v2, github.com/argoproj/argo-cd
Source: github
Published: about 1 month ago

Moderate

GSA_kwCzR0hTQS1nNjIzLWpjZ2ctbWhtbc4AA6Bz

Users with `create` but not `override` privileges can perform local sync
Ecosystems: go
Packages: github.com/argoproj/argo-cd/v2, github.com/argoproj/argo-cd
Source: github
Published: about 1 month ago

Moderate

GSA_kwCzR0hTQS14bWc4LTk5cjgtamMyas4AAgd9

Login screen allows message spoofing if SSO is enabled
Ecosystems: go
Packages: github.com/argoproj/argo-cd, github.com/argoproj/argo-cd/v2
Source: github
Published: almost 2 years ago

High

GSA_kwCzR0hTQS0ybTdoLTg2cXEtZnA0ds4AAs5Y

Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params
Ecosystems: go
Packages: github.com/argoproj/argo-cd/v2, github.com/argoproj/argo-cd
Source: github
Published: almost 2 years ago

Moderate

GSA_kwCzR0hTQS1xNHc1LTRncTItOTh2bc4AAs5a

Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server
Ecosystems: go
Packages: github.com/argoproj/argo-cd/v2, github.com/argoproj/argo-cd
Source: github
Published: almost 2 years ago

Moderate

GSA_kwCzR0hTQS1tdjZ3LWo0eGMtcXBmd84AAxfx

Argo CD leaks repository credentials in user-facing error messages and in logs
Ecosystems: go
Packages: github.com/argoproj/argo-cd/v2, github.com/argoproj/argo-cd
Source: github
Published: about 1 year ago

Moderate

GSA_kwCzR0hTQS0yZ3Z3LXc2ZmotN20zY84AA7Bd

Argo CD's API server does not enforce project sourceNamespaces
Ecosystems: go
Packages: github.com/argoproj/argo-cd/v2
Source: github
Published: 12 days ago

Moderate

GSA_kwCzR0hTQS05bTZwLXg0aDItNmZycc4AA7V4

Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences
Ecosystems: go
Packages: github.com/argoproj/argo-cd/v2
Source: github
Published: about 21 hours ago

High

GSA_kwCzR0hTQS05Mm13LXEyNTYtNXZ3Z84AA4lC

github.com/argoproj/argo-cd Cross-Site Request Forgery vulnerability
Ecosystems: go
Packages: github.com/argoproj/argo-cd/v2, github.com/argoproj/argo-cd
Source: github
Published: 3 months ago

Moderate

GSA_kwCzR0hTQS0ydmdnLTloNnctbTQ1NM4AA6Gi

Bypassing Rate Limit and Brute Force Protection Using Cache Overflow
Ecosystems: go
Packages: github.com/argoproj/argo-cd/v2
Source: github
Published: about 1 month ago

Moderate

GSA_kwCzR0hTQS1qaHd4LW1od3ctcmdjM84AA6dx

ArgoCD's repo server has Uncontrolled Resource Consumption vulnerability
Ecosystems: go
Packages: github.com/argoproj/argo-cd/v2
Source: github
Published: 29 days ago

Critical

GSA_kwCzR0hTQS1md3IyLTY0dnIteHY5bc4AA1yv

Argo CD cluster secret might leak in cluster details page
Ecosystems: go
Packages: github.com/argoproj/argo-cd/v2
Source: github
Published: 8 months ago

Moderate

GSA_kwCzR0hTQS1nNjg3LWYyZ3gtNndtOM4AA1yw

Argo CD repo-server Denial of Service vulnerability
Ecosystems: go
Packages: github.com/argoproj/argo-cd/v2
Source: github
Published: 8 months ago

Moderate

GSA_kwCzR0hTQS1qaHFwLXZmNHctcnB3cc4AAs5e

DoS through large manifest files in Argo CD
Ecosystems: go
Packages: github.com/argoproj/argo-cd/v2, github.com/argoproj/argo-cd
Source: github
Published: almost 2 years ago

Moderate

GSA_kwCzR0hTQS02anF3LWp3ZjUtcnA4aM4AA2HB

Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server
Ecosystems: go
Packages: github.com/argoproj/argo-cd/v2, github.com/argoproj/argo-cd
Source: github
Published: 7 months ago

Moderate

GSA_kwCzR0hTQS02Z2NnLWhwMngtcTU0aM4AAgdM

Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server
Ecosystems: go
Packages: github.com/argoproj/argo-cd/v2
Source: github
Published: almost 2 years ago

High

GSA_kwCzR0hTQS05Nmp2LXZqMzkteDRqNs4AAtU8

Argo CD improper access control bug can allow malicious user to escalate privileges to admin level
Ecosystems: go
Packages: github.com/argoproj/argo-cd/v2, github.com/argoproj/argo-cd
Source: github
Published: almost 2 years ago

Critical

GSA_kwCzR0hTQS1oNHc5LTZ4NzgtOHZyas4AAs5Z

Argo CD's external URLs for Deployments can include JavaScript
Ecosystems: go
Packages: github.com/argoproj/argo-cd/v2, github.com/argoproj/argo-cd
Source: github
Published: almost 2 years ago

Critical

GSA_kwCzR0hTQS1yNjQyLWd2OXAtMndqas4AAqwZ

Argo CD will blindly trust JWT claims if anonymous access is enabled
Ecosystems: go
Packages: github.com/argoproj/argo-cd, github.com/argoproj/argo-cd/v2
Source: github
Published: almost 2 years ago

Moderate

GSA_kwCzR0hTQS0ycTVjLXF3OWMtZm12cc4AAyQf

Argo CD authenticated but unauthorized users may enumerate Application names via the API
Ecosystems: go
Packages: github.com/argoproj/argo-cd/v2, github.com/argoproj/argo-cd
Source: github
Published: about 1 year ago

Moderate

MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFxNXYtZjRjMy0zOTVj

Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd/v2
Ecosystems: go
Packages: github.com/argoproj/argo-cd/v2
Source: github
Published: almost 3 years ago