Affected by GO-2022-0304 and 23 other vulnerabilities

GO-2022-0304: Path traversal and dereference of symlinks in Argo CD in github.com/argoproj/argo-cd

GO-2022-0387: Helm OCI credentials leaked into Argo CD logs in github.com/argoproj/argo-cd

GO-2022-0453: Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server in github.com/argoproj/argo-cd

GO-2022-0454: Login screen allows message spoofing if SSO is enabled in github.com/argoproj/argo-cd

GO-2022-0455: Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd

GO-2022-0517: Argo CD SSO users vulnerable to Cross-site Scripting in github.com/argoproj/argo-cd

GO-2022-0869: Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd

GO-2022-0892: Improper Restriction of Excessive Authentication Attempts in Argo API in github.com/argoproj/argo-cd

GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd

GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd

GO-2023-1952: Argo Exposure of Sensitive Information in github.com/argoproj/argo-cd

GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd

GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd

GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd

GO-2023-2085: Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd

GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd

GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd

GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd

GO-2024-2902: Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd

GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd

GO-2025-3433: Argo CD does not scrub secret values from patch errors in github.com/argoproj/argo-cd

GO-2025-3934: Argo CD's Project API Token Exposes Repository Credentials in github.com/argoproj/argo-cd

GO-2025-3994: Repository Credentials Race Condition Crashes Argo CD Server in github.com/argoproj/argo-cd

GO-2025-3995: Argo CD Unauthenticated Remote DoS via malformed Azure DevOps git.push webhook in github.com/argoproj/argo-cd

The highest tagged major version is v3.

server

package

v0.2.0 Latest Latest Go to latest Published: Mar 29, 2018 License: Apache-2.0 Imports: 22 Imported by: 24

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/argoproj/argo-cd

Links

Documentation ¶

Index ¶

type ArgoCDServer
- func NewServer(kubeclientset kubernetes.Interface, appclientset appclientset.Interface, ...) *ArgoCDServer
- func (a *ArgoCDServer) Run()

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type ArgoCDServer ¶

type ArgoCDServer struct {
	// contains filtered or unexported fields
}

ArgoCDServer is the API server for ArgoCD

func NewServer ¶

func NewServer(
	kubeclientset kubernetes.Interface, appclientset appclientset.Interface, repoclientset reposerver.Clientset, namespace, staticAssetsDir, configMapName string) *ArgoCDServer

NewServer returns a new instance of the ArgoCD API server

func (*ArgoCDServer) Run ¶

func (a *ArgoCDServer) Run()

Run runs the API Server We use k8s.io/code-generator/cmd/go-to-protobuf to generate the .proto files from the API types. k8s.io/ go-to-protobuf uses protoc-gen-gogo, which comes from gogo/protobuf (a fork of golang/protobuf).

Source Files ¶

View all Source files

server.go

Directories ¶

Path	Synopsis
application Package application is a generated protocol buffer package.	Package application is a generated protocol buffer package.
cluster Package cluster is a generated protocol buffer package.	Package cluster is a generated protocol buffer package.
mocks Code generated by mockery v1.0.0	Code generated by mockery v1.0.0
repository Package repository is a generated protocol buffer package.	Package repository is a generated protocol buffer package.
mocks Code generated by mockery v1.0.0	Code generated by mockery v1.0.0
version Package version is a generated protocol buffer package.	Package version is a generated protocol buffer package.

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL