Affected by GO-2023-1283
and 4 other vulnerabilities
GO-2023-1283: KubePi allows malicious actor to login with a forged JWT token via Hardcoded Jwtsigkeys in github.com/KubeOperator/kubepi
GO-2023-1463: KubePi may allow unauthorized access to system API in github.com/KubeOperator/kubepi
GO-2023-1468: KubePi session fixation attack allows an attacker to hijack a legitimate user session. in github.com/KubeOperator/kubepi
GO-2023-1956: KubePi Privilege Escalation vulnerability in github.com/KubeOperator/kubepi
GO-2023-1957: KubePi may leak password hash of any user in github.com/KubeOperator/kubepi
package
Version:
v1.6.1
Opens a new window with list of versions in this module.
Published: Jul 29, 2022
License: Apache-2.0
Opens a new window with license information.
Imports: 1
Opens a new window with list of imports.
Imported by: 0
Opens a new window with list of known importers.
Documentation
¶
type Authenticate struct {
Password string `json:"password"`
Token string `json:"token"`
}
type ImportResult struct {
Success bool `json:"success"`
Failures []string `json:"failures"`
Msg string `json:"msg"`
}
type ImportUser struct {
Name string `json:"name"`
Email string `json:"email"`
NickName string `json:"nickName"`
Available bool `json:"available"`
}
type Mfa struct {
Enable bool `json:"enable"`
Secret string `json:"secret"`
}
type User struct {
v1.BaseModel `storm:"inline"`
v1.Metadata `storm:"inline"`
NickName string `json:"nickName" storm:"index"`
Email string `json:"email" storm:"unique"`
Language string `json:"language"`
IsAdmin bool `json:"isAdmin"`
Authenticate Authenticate `json:"authenticate"`
Type string `json:"type"`
Mfa Mfa `json:"mfa"`
}
Source Files
¶
Click to show internal directories.
Click to hide internal directories.