Affected by GO-2022-0457
and 11 other vulnerabilities
GO-2022-0457 : Access to Unix domain socket can lead to privileges escalation in Cilium in github.com/cilium/cilium
GO-2022-0458 : Improper Privilege Management in Cilium in github.com/cilium/cilium
GO-2022-0959 : Network Policies & (Clusterwide) Cilium Network Policies with namespace label selectors may unexpectedly select pods with maliciously crafted labels in github.com/cilium/cilium
GO-2023-1643 : Potential network policy bypass when routing IPv6 traffic in github.com/cilium/cilium
GO-2023-1730 : Debug mode leaks confidential data in Cilium in github.com/cilium/cilium
GO-2023-1785 : Potential HTTP policy bypass when using header rules in Cilium in github.com/cilium/cilium
GO-2023-2078 : Kubernetes users may update Pod labels to bypass network policy in github.com/cilium/cilium
GO-2023-2079 : Specific Cilium configurations vulnerable to DoS via Kubernetes annotations in github.com/cilium/cilium
GO-2023-2080 : Cilium vulnerable to bypass of namespace restrictions in CiliumNetworkPolicy in github.com/cilium/cilium
GO-2024-2656 : Unencrypted traffic between nodes with IPsec in github.com/cilium/cilium
GO-2024-2666 : Insecure IPsec transparent encryption in github.com/cilium/cilium
GO-2024-3072 : Policy bypass for Host Firewall policy due to race condition in Cilium agent in github.com/cilium/cilium
Discover Packages
github.com/cilium/cilium
pkg
hubble
peer
serviceoption
package
Version:
v1.11.0
Opens a new window with list of versions in this module.
Published: Dec 6, 2021
License: Apache-2.0
Opens a new window with license information.
Imports: 0
Opens a new window with list of imports.
Imported by: 2
Opens a new window with list of known importers.
Documentation
Documentation
¶
Default serves only as reference point for default values.
Option customizes then configuration of the peer service.
WithMaxSendBufferSize sets the maximum size of the send buffer. When the
send buffer is full, for example due to errors in the transport, the server
disconnects the corresponding client.
The maximum buffer size should be large enough to accommodate the burst of
peer change notifications than happens on an initial call where all nodes in
the cluster are notified as being added.
WithoutTLSInfo configures the service to send peer change notifications
without TLS information. This implies that TLS is disabled for the Hubble
gRPC service.
type Options struct {
MaxSendBufferSize int
WithoutTLSInfo bool
}
Options stores all the configuration values for the peer service.
Source Files
¶
Click to show internal directories.
Click to hide internal directories.