Security: argoproj/argo-cd
Security Advisories
View known security vulnerabilities and report new vulnerabilities privately to maintainers.
- Certificate verification is skipped for connections to OIDC providers (GHSA-7943-82jg-wmw5), published Jul 12, 2022 by crenshaw-dev. Severity: High
- Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server (GHSA-6gcg-hp2x-q54h), published May 18, 2022 by jannfis. Severity: Moderate
- Improper access control allows admin privilege escalation (GHSA-2f5v-8r3f-8pww), published Mar 23, 2022 by alexmt. Severity: Critical
- Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server (GHSA-r9cr-hvjj-496v), published Mar 23, 2022 by jannfis. Severity: High
- Path traversal allows leaking out-of-bound files from Argo CD repo-server (GHSA-h6h5-6fmq-rh28), published Mar 23, 2022 by jannfis. Severity: Moderate
- Path traversal and dereference of symlinks when passing Helm value files (GHSA-63qx-x74g-jcr7), published Feb 3, 2022 by jannfis. Severity: High
- Argo CD leaked secret data into error messages and logs on invalid edits via UI (GHSA-fp89-h8pj-8894), published Mar 15, 2021 by alexmt. Severity: Moderate
- Possible XSS when using SSO with the CLI (GHSA-qq5v-f4c3-395c), published Mar 8, 2021 by alexmt. Severity: Moderate
- Helm OCI credentials leaked into Argo CD logs (GHSA-6w87-g839-9wv7), published Mar 8, 2021 by alexmt. Severity: Moderate
- Unlimited validity of admin JWT (GHSA-9h6w-j7w4-jr52), published Mar 2, 2021 by alexmt. Severity: Critical