Affected by GO-2022-0393
and 12 other vulnerabilities
GO-2022-0393 : Network policy may be bypassed by some ICMP Echo Requests in github.com/cilium/cilium
GO-2022-0457 : Access to Unix domain socket can lead to privileges escalation in Cilium in github.com/cilium/cilium
GO-2022-0458 : Improper Privilege Management in Cilium in github.com/cilium/cilium
GO-2022-0959 : Network Policies & (Clusterwide) Cilium Network Policies with namespace label selectors may unexpectedly select pods with maliciously crafted labels in github.com/cilium/cilium
GO-2023-1643 : Potential network policy bypass when routing IPv6 traffic in github.com/cilium/cilium
GO-2023-1730 : Debug mode leaks confidential data in Cilium in github.com/cilium/cilium
GO-2023-1785 : Potential HTTP policy bypass when using header rules in Cilium in github.com/cilium/cilium
GO-2023-2078 : Kubernetes users may update Pod labels to bypass network policy in github.com/cilium/cilium
GO-2023-2079 : Specific Cilium configurations vulnerable to DoS via Kubernetes annotations in github.com/cilium/cilium
GO-2023-2080 : Cilium vulnerable to bypass of namespace restrictions in CiliumNetworkPolicy in github.com/cilium/cilium
GO-2024-2656 : Unencrypted traffic between nodes with IPsec in github.com/cilium/cilium
GO-2024-2666 : Insecure IPsec transparent encryption in github.com/cilium/cilium
GO-2024-3072 : Policy bypass for Host Firewall policy due to race condition in Cilium agent in github.com/cilium/cilium
Discover Packages
github.com/cilium/cilium
pkg
k8s
utils
package
Version:
v1.7.12
Opens a new window with list of versions in this module.
Published: Dec 4, 2020
License: Apache-2.0
Opens a new window with license information.
Imports: 3
Opens a new window with list of imports.
Imported by: 22
Opens a new window with list of known importers.
Documentation
Documentation
¶
ExtractNamespace extracts the namespace of ObjectMeta.
For cluster scoped objects the Namespace field is empty and this function
assumes that the object is returned from kubernetes itself implying that
the namespace is empty only and only when the Object is cluster scoped
and thus returns empty namespace for such objects.
ExtractNamespaceOrDefault extracts the namespace of ObjectMeta, it returns default
namespace if the namespace field in the ObjectMeta is empty.
GetObjNamespaceName returns the object's namespace and name.
If the object is cluster scoped then the function returns only the object name
without any namespace prefix.
GetObjUID returns the object's namespace and name.
IsInfraContainer returns true if the given set of labels represent a infra
container.
Source Files
¶
Click to show internal directories.
Click to hide internal directories.