-
Notifications
You must be signed in to change notification settings - Fork 5.5k
Security: argoproj/argo-cd
Security Navigation
Security Advisories
View known security vulnerabilities and report new vulnerabilities privately to maintainers.
-
Bypassing Brute Force Protection via Application Crash and In-Memory Data LossGHSA-x32m-mvfj-52xv published
Mar 18, 2024 by crenshaw-devModerate -
API server does not enforce project sourceNamespacesGHSA-2gvw-w6fj-7m3c published
Apr 15, 2024 by pasha-codefreshModerate -
Cross-site scripting on application summary componentGHSA-jwv5-8mqv-g387 published
Mar 13, 2024 by crenshaw-devCritical -
Cluster secret might leak in cluster details pageGHSA-fwr2-64vr-xv9m published
Sep 7, 2023 by jannfisCritical -
Argo CD leaks repository credentials in user-facing error messages and in logsGHSA-mv6w-j4xc-qpfw published
Feb 8, 2023 by crenshaw-devModerate -
Denial of Service to Argo CD repo-serverGHSA-g687-f2gx-6wm8 published
Sep 7, 2023 by jannfisModerate -
Users with any cluster secret update access may update out-of-bounds cluster secretsGHSA-3jfq-742w-xg8j published
Feb 16, 2023 by crenshaw-devCritical -
Authenticated users can enumerate clusters by nameGHSA-3cqf-953p-h5cp published
Jun 6, 2024 by pasha-codefreshModerate -
Controller reconciles apps outside configured namespaces when sharding is enabledGHSA-6p4m-hw2h-6gmw published
Jan 25, 2023 by crenshaw-devHigh -
Web terminal session doesn't expireGHSA-c8xw-vjgf-94hr published
Aug 23, 2023 by crenshaw-devModerate