Affected by GO-2024-2877 and 6 other vulnerabilities

GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd

GO-2025-3433: Argo CD does not scrub secret values from patch errors in github.com/argoproj/argo-cd

GO-2025-3720: Argo CD allows cross-site scripting on repositories page in github.com/argoproj/argo-cd

GO-2025-3993: Unauthenticated argocd-server panic via a malicious Bitbucket-Server webhook payload in github.com/argoproj/argo-cd

GO-2025-3994: Repository Credentials Race Condition Crashes Argo CD Server in github.com/argoproj/argo-cd

GO-2025-3995: Argo CD Unauthenticated Remote DoS via malformed Azure DevOps git.push webhook in github.com/argoproj/argo-cd

GO-2025-3996: argo-cd vulnerable unauthenticated DoS via malformed Gogs webhook payload in github.com/argoproj/argo-cd

The highest tagged major version is v3.

hack/

Details

Path	Synopsis
dev-mounter
gen-catalog
gen-crd-spec
gen-docs
gen-resources
cmd command
cmd/commands
generators
util Package util SizedWaitGroup adds the feature of limiting the maximum number of concurrently started routines.	Package util SizedWaitGroup adds the feature of limiting the maximum number of concurrently started routines.
k8s
known_types