commit

package

Go to main page

Versions in this module

v1

v1.10.0-rc.6

Apr 15, 2026

v1.10.0-rc.5

Apr 14, 2026

v1.10.0-rc.4

Apr 14, 2026

v1.10.0-rc.3

Apr 14, 2026

v1.10.0-rc.2

Apr 14, 2026

v1.10.0-rc.1

Apr 13, 2026

v1.9.6

Apr 13, 2026

v1.9.5

Mar 2, 2026

v1.9.4

Feb 27, 2026 GO-2026-4717

GO-2026-4717: Kargo Vulnerable to SSRF in Promotion http/http-download Steps Enables Internal Network Access and Data Exfiltration in github.com/akuity/kargo

v1.9.3

Feb 17, 2026 GO-2026-4717

GO-2026-4717: Kargo Vulnerable to SSRF in Promotion http/http-download Steps Enables Internal Network Access and Data Exfiltration in github.com/akuity/kargo

v1.9.2

Feb 2, 2026 GO-2026-4515 +2 more

GO-2026-4515: Kargo has Missing Authorization Vulnerabilities in Approval & Promotion REST API Endpoints in github.com/akuity/kargo

GO-2026-4516: Kargo has an Authorization Bypass Vulnerability in Batch Resource Creation API Endpoints in github.com/akuity/kargo

GO-2026-4717: Kargo Vulnerable to SSRF in Promotion http/http-download Steps Enables Internal Network Access and Data Exfiltration in github.com/akuity/kargo

v1.9.1

Jan 31, 2026 GO-2026-4515 +2 more

GO-2026-4515: Kargo has Missing Authorization Vulnerabilities in Approval & Promotion REST API Endpoints in github.com/akuity/kargo

GO-2026-4516: Kargo has an Authorization Bypass Vulnerability in Batch Resource Creation API Endpoints in github.com/akuity/kargo

GO-2026-4717: Kargo Vulnerable to SSRF in Promotion http/http-download Steps Enables Internal Network Access and Data Exfiltration in github.com/akuity/kargo

v1.9.0

Jan 29, 2026 GO-2026-4515 +2 more

GO-2026-4515: Kargo has Missing Authorization Vulnerabilities in Approval & Promotion REST API Endpoints in github.com/akuity/kargo

GO-2026-4516: Kargo has an Authorization Bypass Vulnerability in Batch Resource Creation API Endpoints in github.com/akuity/kargo

GO-2026-4717: Kargo Vulnerable to SSRF in Promotion http/http-download Steps Enables Internal Network Access and Data Exfiltration in github.com/akuity/kargo

v1.9.0-rc.2

Jan 28, 2026 GO-2026-4516 +1 more

GO-2026-4516: Kargo has an Authorization Bypass Vulnerability in Batch Resource Creation API Endpoints in github.com/akuity/kargo

GO-2026-4717: Kargo Vulnerable to SSRF in Promotion http/http-download Steps Enables Internal Network Access and Data Exfiltration in github.com/akuity/kargo

v1.9.0-rc.1

Jan 27, 2026 GO-2026-4516 +1 more

GO-2026-4516: Kargo has an Authorization Bypass Vulnerability in Batch Resource Creation API Endpoints in github.com/akuity/kargo

GO-2026-4717: Kargo Vulnerable to SSRF in Promotion http/http-download Steps Enables Internal Network Access and Data Exfiltration in github.com/akuity/kargo

v1.8.12

Mar 2, 2026

v1.8.11

Feb 17, 2026 GO-2026-4717

GO-2026-4717: Kargo Vulnerable to SSRF in Promotion http/http-download Steps Enables Internal Network Access and Data Exfiltration in github.com/akuity/kargo

v1.8.10

Jan 31, 2026 GO-2026-4516 +1 more

GO-2026-4516: Kargo has an Authorization Bypass Vulnerability in Batch Resource Creation API Endpoints in github.com/akuity/kargo

GO-2026-4717: Kargo Vulnerable to SSRF in Promotion http/http-download Steps Enables Internal Network Access and Data Exfiltration in github.com/akuity/kargo

v1.8.9

Jan 28, 2026 GO-2026-4516 +1 more

GO-2026-4516: Kargo has an Authorization Bypass Vulnerability in Batch Resource Creation API Endpoints in github.com/akuity/kargo

GO-2026-4717: Kargo Vulnerable to SSRF in Promotion http/http-download Steps Enables Internal Network Access and Data Exfiltration in github.com/akuity/kargo

v1.8.8

Jan 27, 2026 GO-2026-4516 +1 more

GO-2026-4516: Kargo has an Authorization Bypass Vulnerability in Batch Resource Creation API Endpoints in github.com/akuity/kargo

GO-2026-4717: Kargo Vulnerable to SSRF in Promotion http/http-download Steps Enables Internal Network Access and Data Exfiltration in github.com/akuity/kargo

v1.8.7

Jan 26, 2026 GO-2026-4516 +1 more

GO-2026-4516: Kargo has an Authorization Bypass Vulnerability in Batch Resource Creation API Endpoints in github.com/akuity/kargo

GO-2026-4717: Kargo Vulnerable to SSRF in Promotion http/http-download Steps Enables Internal Network Access and Data Exfiltration in github.com/akuity/kargo

v1.8.6

Jan 17, 2026 GO-2026-4385 +2 more

GO-2026-4385: Kargo's `GetConfig()` and `RefreshResource()` API endpoints allow unauthenticated access in github.com/akuity/kargo

GO-2026-4516: Kargo has an Authorization Bypass Vulnerability in Batch Resource Creation API Endpoints in github.com/akuity/kargo

GO-2026-4717: Kargo Vulnerable to SSRF in Promotion http/http-download Steps Enables Internal Network Access and Data Exfiltration in github.com/akuity/kargo

v1.8.5

Jan 16, 2026 GO-2026-4385 +2 more

GO-2026-4385: Kargo's `GetConfig()` and `RefreshResource()` API endpoints allow unauthenticated access in github.com/akuity/kargo

GO-2026-4516: Kargo has an Authorization Bypass Vulnerability in Batch Resource Creation API Endpoints in github.com/akuity/kargo

GO-2026-4717: Kargo Vulnerable to SSRF in Promotion http/http-download Steps Enables Internal Network Access and Data Exfiltration in github.com/akuity/kargo

v1.8.4

Nov 25, 2025 GO-2026-4385 +2 more

GO-2026-4385: Kargo's `GetConfig()` and `RefreshResource()` API endpoints allow unauthenticated access in github.com/akuity/kargo

GO-2026-4516: Kargo has an Authorization Bypass Vulnerability in Batch Resource Creation API Endpoints in github.com/akuity/kargo

GO-2026-4717: Kargo Vulnerable to SSRF in Promotion http/http-download Steps Enables Internal Network Access and Data Exfiltration in github.com/akuity/kargo

v1.8.4-rc.4

Oct 3, 2025 GO-2026-4385 +2 more

GO-2026-4385: Kargo's `GetConfig()` and `RefreshResource()` API endpoints allow unauthenticated access in github.com/akuity/kargo

GO-2026-4516: Kargo has an Authorization Bypass Vulnerability in Batch Resource Creation API Endpoints in github.com/akuity/kargo

GO-2026-4717: Kargo Vulnerable to SSRF in Promotion http/http-download Steps Enables Internal Network Access and Data Exfiltration in github.com/akuity/kargo

v1.8.3

Nov 3, 2025 GO-2026-4385 +2 more

GO-2026-4385: Kargo's `GetConfig()` and `RefreshResource()` API endpoints allow unauthenticated access in github.com/akuity/kargo

GO-2026-4516: Kargo has an Authorization Bypass Vulnerability in Batch Resource Creation API Endpoints in github.com/akuity/kargo

GO-2026-4717: Kargo Vulnerable to SSRF in Promotion http/http-download Steps Enables Internal Network Access and Data Exfiltration in github.com/akuity/kargo

v1.8.2

Oct 28, 2025 GO-2026-4385 +2 more

GO-2026-4385: Kargo's `GetConfig()` and `RefreshResource()` API endpoints allow unauthenticated access in github.com/akuity/kargo

GO-2026-4516: Kargo has an Authorization Bypass Vulnerability in Batch Resource Creation API Endpoints in github.com/akuity/kargo

GO-2026-4717: Kargo Vulnerable to SSRF in Promotion http/http-download Steps Enables Internal Network Access and Data Exfiltration in github.com/akuity/kargo

v1.8.1

Oct 23, 2025 GO-2026-4385 +2 more

GO-2026-4385: Kargo's `GetConfig()` and `RefreshResource()` API endpoints allow unauthenticated access in github.com/akuity/kargo

GO-2026-4516: Kargo has an Authorization Bypass Vulnerability in Batch Resource Creation API Endpoints in github.com/akuity/kargo

GO-2026-4717: Kargo Vulnerable to SSRF in Promotion http/http-download Steps Enables Internal Network Access and Data Exfiltration in github.com/akuity/kargo

v1.8.0

Oct 20, 2025 GO-2026-4385 +2 more

GO-2026-4385: Kargo's `GetConfig()` and `RefreshResource()` API endpoints allow unauthenticated access in github.com/akuity/kargo

GO-2026-4516: Kargo has an Authorization Bypass Vulnerability in Batch Resource Creation API Endpoints in github.com/akuity/kargo

GO-2026-4717: Kargo Vulnerable to SSRF in Promotion http/http-download Steps Enables Internal Network Access and Data Exfiltration in github.com/akuity/kargo

Changes in this version

+ type Selector interface

+ MatchesRef func(string) bool

+ Select func(context.Context) ([]kargoapi.DiscoveredCommit, error)

+ func NewSelector(sub kargoapi.GitSubscription, creds *git.RepoCredentials) (Selector, error)

v1.8.0-rc.7

Oct 20, 2025 GO-2026-4385 +2 more

GO-2026-4385: Kargo's `GetConfig()` and `RefreshResource()` API endpoints allow unauthenticated access in github.com/akuity/kargo

GO-2026-4516: Kargo has an Authorization Bypass Vulnerability in Batch Resource Creation API Endpoints in github.com/akuity/kargo

GO-2026-4717: Kargo Vulnerable to SSRF in Promotion http/http-download Steps Enables Internal Network Access and Data Exfiltration in github.com/akuity/kargo

v1.8.0-rc.6

Oct 16, 2025 GO-2026-4385 +2 more

GO-2026-4385: Kargo's `GetConfig()` and `RefreshResource()` API endpoints allow unauthenticated access in github.com/akuity/kargo

GO-2026-4516: Kargo has an Authorization Bypass Vulnerability in Batch Resource Creation API Endpoints in github.com/akuity/kargo

GO-2026-4717: Kargo Vulnerable to SSRF in Promotion http/http-download Steps Enables Internal Network Access and Data Exfiltration in github.com/akuity/kargo

v1.8.0-rc.5

Oct 10, 2025 GO-2026-4385 +2 more

GO-2026-4385: Kargo's `GetConfig()` and `RefreshResource()` API endpoints allow unauthenticated access in github.com/akuity/kargo

GO-2026-4516: Kargo has an Authorization Bypass Vulnerability in Batch Resource Creation API Endpoints in github.com/akuity/kargo

GO-2026-4717: Kargo Vulnerable to SSRF in Promotion http/http-download Steps Enables Internal Network Access and Data Exfiltration in github.com/akuity/kargo

v1.8.0-rc.4

Oct 3, 2025 GO-2026-4385 +2 more

GO-2026-4385: Kargo's `GetConfig()` and `RefreshResource()` API endpoints allow unauthenticated access in github.com/akuity/kargo

GO-2026-4516: Kargo has an Authorization Bypass Vulnerability in Batch Resource Creation API Endpoints in github.com/akuity/kargo

GO-2026-4717: Kargo Vulnerable to SSRF in Promotion http/http-download Steps Enables Internal Network Access and Data Exfiltration in github.com/akuity/kargo

v1.8.0-rc.3

Oct 3, 2025 GO-2026-4385 +2 more

GO-2026-4385: Kargo's `GetConfig()` and `RefreshResource()` API endpoints allow unauthenticated access in github.com/akuity/kargo

GO-2026-4516: Kargo has an Authorization Bypass Vulnerability in Batch Resource Creation API Endpoints in github.com/akuity/kargo

GO-2026-4717: Kargo Vulnerable to SSRF in Promotion http/http-download Steps Enables Internal Network Access and Data Exfiltration in github.com/akuity/kargo

v1.8.0-rc.2

Oct 1, 2025 GO-2026-4385 +2 more

GO-2026-4385: Kargo's `GetConfig()` and `RefreshResource()` API endpoints allow unauthenticated access in github.com/akuity/kargo

GO-2026-4516: Kargo has an Authorization Bypass Vulnerability in Batch Resource Creation API Endpoints in github.com/akuity/kargo

GO-2026-4717: Kargo Vulnerable to SSRF in Promotion http/http-download Steps Enables Internal Network Access and Data Exfiltration in github.com/akuity/kargo

v1.8.0-rc.1

Sep 30, 2025 GO-2026-4385 +2 more

GO-2026-4385: Kargo's `GetConfig()` and `RefreshResource()` API endpoints allow unauthenticated access in github.com/akuity/kargo

GO-2026-4516: Kargo has an Authorization Bypass Vulnerability in Batch Resource Creation API Endpoints in github.com/akuity/kargo

GO-2026-4717: Kargo Vulnerable to SSRF in Promotion http/http-download Steps Enables Internal Network Access and Data Exfiltration in github.com/akuity/kargo

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL