fix(security): don't allow app enumeration via RevisionChartDetails #14512
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Signed-off-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com>
|
/cherry-pick release-2.8 |
jannfis
reviewed
Jul 14, 2023
Signed-off-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com>
gcp-cherry-pick-bot bot
pushed a commit
that referenced
this pull request
Jul 14, 2023
…14512) * fix(security): don't allow app enumeration via RevisionChartDetails Signed-off-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> * better app name Signed-off-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> --------- Signed-off-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com>
Jneville0815
pushed a commit
to radiusmethod/argo-cd
that referenced
this pull request
Jul 18, 2023
…rgoproj#14512) * fix(security): don't allow app enumeration via RevisionChartDetails Signed-off-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> * better app name Signed-off-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> --------- Signed-off-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> Signed-off-by: Jimmy Neville <jimmyeneville@gmail.com>
yyzxw
pushed a commit
to yyzxw/argo-cd
that referenced
this pull request
Aug 9, 2023
…rgoproj#14512) * fix(security): don't allow app enumeration via RevisionChartDetails Signed-off-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> * better app name Signed-off-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> --------- Signed-off-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com>
Closed
tesla59
pushed a commit
to tesla59/argo-cd
that referenced
this pull request
Dec 16, 2023
…rgoproj#14512) * fix(security): don't allow app enumeration via RevisionChartDetails Signed-off-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> * better app name Signed-off-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> --------- Signed-off-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This endpoint was written before we had the fix in for app enumeration. I'm just applying the security fix to the additional endpoint.