Affected by GO-2023-1512
and 12 other vulnerabilities
GO-2023-1512: Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd
GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd
GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd
GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd
GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd
GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2
GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2
GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd
GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd
GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd
GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd
GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd
package
Version:
v2.5.0
Opens a new window with list of versions in this module.
Published: Oct 24, 2022
License: Apache-2.0
Opens a new window with license information.
Imports: 5
Opens a new window with list of imports.
Imported by: 2
Opens a new window with list of known importers.
Documentation
¶
-
func Claims(in interface{}) jwtgo.Claims
-
func ExpirationTime(m jwtgo.MapClaims) (time.Time, error)
-
func Float64Field(claims jwtgo.MapClaims, fieldName string) float64
-
func GetGroups(mapClaims jwtgo.MapClaims, scopes []string) []string
-
func GetScopeValues(claims jwtgo.MapClaims, scopes []string) []string
-
func IsMember(claims jwtgo.Claims, groups []string, scopes []string) bool
-
func IsValid(token string) bool
-
func IssuedAt(m jwtgo.MapClaims) (int64, error)
-
func IssuedAtTime(m jwtgo.MapClaims) (time.Time, error)
-
func MapClaims(claims jwtgo.Claims) (jwtgo.MapClaims, error)
-
func StringField(claims jwtgo.MapClaims, fieldName string) string
ExpirationTime returns the expiration as a time.Time
Float64Field extracts a field from the claims as a float64
GetScopeValues extracts the values of specified scopes from the claims
IsMember returns whether or not the user's claims is a member of any of the groups
IssuedAt returns the issued at as an int64
IssuedAtTime returns the issued at as a time.Time
MapClaims converts a jwt.Claims to a MapClaims
StringField extracts a field from the claims as a string
Source Files
¶
Click to show internal directories.
Click to hide internal directories.