Affected by GO-2022-0457
and 11 other vulnerabilities
GO-2022-0457 : Access to Unix domain socket can lead to privileges escalation in Cilium in github.com/cilium/cilium
GO-2022-0458 : Improper Privilege Management in Cilium in github.com/cilium/cilium
GO-2022-0959 : Network Policies & (Clusterwide) Cilium Network Policies with namespace label selectors may unexpectedly select pods with maliciously crafted labels in github.com/cilium/cilium
GO-2023-1643 : Potential network policy bypass when routing IPv6 traffic in github.com/cilium/cilium
GO-2023-1730 : Debug mode leaks confidential data in Cilium in github.com/cilium/cilium
GO-2023-1785 : Potential HTTP policy bypass when using header rules in Cilium in github.com/cilium/cilium
GO-2023-2078 : Kubernetes users may update Pod labels to bypass network policy in github.com/cilium/cilium
GO-2023-2079 : Specific Cilium configurations vulnerable to DoS via Kubernetes annotations in github.com/cilium/cilium
GO-2023-2080 : Cilium vulnerable to bypass of namespace restrictions in CiliumNetworkPolicy in github.com/cilium/cilium
GO-2024-2656 : Unencrypted traffic between nodes with IPsec in github.com/cilium/cilium
GO-2024-2666 : Insecure IPsec transparent encryption in github.com/cilium/cilium
GO-2024-3072 : Policy bypass for Host Firewall policy due to race condition in Cilium agent in github.com/cilium/cilium
Discover Packages
github.com/cilium/cilium
pkg
labels
cidr
package
Version:
v1.11.1
Opens a new window with list of versions in this module.
Published: Jan 19, 2022
License: Apache-2.0
Opens a new window with license information.
Imports: 4
Opens a new window with list of imports.
Imported by: 0
Opens a new window with list of known importers.
Documentation
Documentation
¶
Package cidr provides helper methods for generating labels for CIDRs which
are partially derived from node state.
GetCIDRLabels turns a CIDR into a set of labels representing the cidr itself
and all broader CIDRS which include the specified CIDR in them. For example:
CIDR: 10.0.0.0/8 =>
"cidr:10.0.0.0/8", "cidr:10.0.0.0/7", "cidr:8.0.0.0/6",
"cidr:8.0.0.0/5", "cidr:0.0.0.0/4, "cidr:0.0.0.0/3",
"cidr:0.0.0.0/2", "cidr:0.0.0.0/1", "cidr:0.0.0.0/0"
The identity reserved:world is always added as it includes any CIDR.
IPStringToLabel parses a string and returns it as a CIDR label.
If "IP" is not a valid IP address or CIDR Prefix, returns an error.
Source Files
¶
Click to show internal directories.
Click to hide internal directories.