Skip to content

Explore
By company size
By use case
By industry
View all solutions
Topics
- AI
- DevOps
- Security
- Software Development
- View all
Explore
- GitHub Sponsors
  Fund open source developers
- The ReadME Project
  GitHub community articles
Repositories
- Enterprise platform
  AI-powered developer platform
Available add-ons
Pricing

Search code, repositories, users, issues, pull requests...

Search

Clear

Search syntax tips

Provide feedback

We read every piece of feedback, and take your input very seriously.

Include my email address so I can be contacted

Saved searches

Use saved searches to filter your results more quickly

Name

Query

To see all available qualifiers, see our documentation.

Sign in

Sign up

You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session. You switched accounts on another tab or window. Reload to refresh your session.

Dismiss alert

argoproj / argo-cd Public

Notifications You must be signed in to change notification settings
Fork 5.5k
Star 17.9k

Code
Issues 3.1k
Pull requests 416
Discussions
Actions
Projects 5
Wiki
Security
Insights

Additional navigation options

Code
Issues
Pull requests
Discussions
Actions
Projects
Wiki
Security
Insights

Security: argoproj/argo-cd

Security Navigation

Overview
Reporting
- Policy
- Advisories

Security Advisories

View known security vulnerabilities and report new vulnerabilities privately to maintainers.

Report a vulnerability

The Argo CD web terminal session does not handle the revocation of user permissions properly.
GHSA-v8wx-v5jq-qhhw published Jul 24, 2024 by pasha-codefresh

Moderate
Denial of Service via malicious jqPathExpressions in ignoreDifferences
GHSA-9m6p-x4h2-6frq published Apr 26, 2024 by pasha-codefresh

Moderate
Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in Argo CD
GHSA-jmvp-698c-4x3w published Jul 22, 2024 by pasha-codefresh

High
Uncontrolled Resource Consumption vulnerability in ArgoCD's repo server
GHSA-jhwx-mhww-rgc3 published Mar 28, 2024 by pasha-codefresh

Moderate
Use of Risky or Missing Cryptographic Algorithms in Redis Cache
GHSA-9766-5277-j5hr published May 21, 2024 by pasha-codefresh

Critical
Cross-Site Request Forgery (CSRF) in github.com/argoproj/argo-cd
GHSA-92mw-q256-5vwg published Jan 18, 2024 by crenshaw-dev

High
Unauthenticated Access to sensitive settings in Argo CD
GHSA-87p9-x75h-p4j2 published Jun 6, 2024 by pasha-codefresh

Moderate
Users with `create` but not `override` privileges can perform local sync
GHSA-g623-jcgg-mhmm published Mar 13, 2024 by crenshaw-dev

Moderate
Bypassing Rate Limit and Brute Force Protection Using Cache Overflow
GHSA-2vgg-9h6w-m454 published Mar 18, 2024 by crenshaw-dev

Moderate
Denial of Service (DoS) Vulnerability Due to Unsafe Array Modification in Multi-threaded Environment
GHSA-6v85-wr92-q4p7 published Mar 18, 2024 by crenshaw-dev

High

Previous 1 2 3 4 5 Next

Footer

Footer navigation

Terms
Privacy
Security
Status
Docs
Contact

You can’t perform that action at this time.