Affected by GO-2022-0959
and 9 other vulnerabilities
GO-2022-0959: Network Policies & (Clusterwide) Cilium Network Policies with namespace label selectors may unexpectedly select pods with maliciously crafted labels in github.com/cilium/cilium
GO-2023-1643: Potential network policy bypass when routing IPv6 traffic in github.com/cilium/cilium
GO-2023-1730: Debug mode leaks confidential data in Cilium in github.com/cilium/cilium
GO-2023-1785: Potential HTTP policy bypass when using header rules in Cilium in github.com/cilium/cilium
GO-2023-2078: Kubernetes users may update Pod labels to bypass network policy in github.com/cilium/cilium
GO-2023-2079: Specific Cilium configurations vulnerable to DoS via Kubernetes annotations in github.com/cilium/cilium
GO-2023-2080: Cilium vulnerable to bypass of namespace restrictions in CiliumNetworkPolicy in github.com/cilium/cilium
GO-2024-2656: Unencrypted traffic between nodes with IPsec in github.com/cilium/cilium
GO-2024-2666: Insecure IPsec transparent encryption in github.com/cilium/cilium
GO-2024-3072: Policy bypass for Host Firewall policy due to race condition in Cilium agent in github.com/cilium/cilium
package
Version:
v1.10.13
Opens a new window with list of versions in this module.
Published: Jul 15, 2022
License: Apache-2.0
Opens a new window with license information.
Imports: 0
Opens a new window with list of imports.
Imported by: 0
Opens a new window with list of known importers.
Documentation
¶
CiliumNamespaceName returns the name of the namespace in which Cilium is
deployed in
EncryptionEnabled returns true if encryption is enabled
LocalClusterName returns the name of the cluster Cilium is deployed in
NodeEncryptionEnabled returns true if node encryption is enabled
func (f *Config) RemoteNodeIdentitiesEnabled() bool
RemoteNodeIdentitiesEnabled returns true if the remote-node identity feature
is enabled
TunnelingEnabled returns true if the tunneling is used.
Source Files
¶
Click to show internal directories.
Click to hide internal directories.