Affected by GO-2023-1283
and 4 other vulnerabilities
GO-2023-1283: KubePi allows malicious actor to login with a forged JWT token via Hardcoded Jwtsigkeys in github.com/KubeOperator/kubepi
GO-2023-1463: KubePi may allow unauthorized access to system API in github.com/KubeOperator/kubepi
GO-2023-1468: KubePi session fixation attack allows an attacker to hijack a legitimate user session. in github.com/KubeOperator/kubepi
GO-2023-1956: KubePi Privilege Escalation vulnerability in github.com/KubeOperator/kubepi
GO-2023-1957: KubePi may leak password hash of any user in github.com/KubeOperator/kubepi
package
Version:
v1.2.1
Opens a new window with list of versions in this module.
Published: Nov 15, 2021
License: Apache-2.0
Opens a new window with license information.
Imports: 1
Opens a new window with list of imports.
Imported by: 0
Opens a new window with list of known importers.
Documentation
¶
type Authenticate struct {
Password string `json:"password"`
Token string `json:"token"`
}
type User struct {
v1.BaseModel `storm:"inline"`
v1.Metadata `storm:"inline"`
NickName string `json:"nickName" storm:"index"`
Email string `json:"email" storm:"unique"`
Language string `json:"language"`
IsAdmin bool `json:"isAdmin"`
Authenticate Authenticate `json:"authenticate"`
Type string `json:"type"`
}
Source Files
¶
Click to show internal directories.
Click to hide internal directories.