Affected by GO-2022-0617 and 8 other vulnerabilities

GO-2022-0617: WITHDRAWN: Potential proxy IP restriction bypass in Kubernetes in k8s.io/kubernetes

GO-2022-0983: kubectl ANSI escape characters not filtered in k8s.io/kubernetes

GO-2023-1864: Kubelet vulnerable to bypass of seccomp profile enforcement in k8s.io/kubernetes

GO-2023-1891: kube-apiserver vulnerable to policy bypass in k8s.io/kubernetes

GO-2023-1892: Kubernetes mountable secrets policy bypass in k8s.io/kubernetes

GO-2023-2170: Kubernetes privilege escalation vulnerability in k8s.io/kubernetes

GO-2023-2330: Kubernetes privilege escalation vulnerability in k8s.io/kubernetes

GO-2023-2341: Kubernetes Improper Input Validation vulnerability in k8s.io/kubernetes

GO-2024-2994: Kubernetes sets incorrect permissions on Windows containers logs in k8s.io/kubernetes

service

package

v1.24.0-rc.0 Latest Latest Go to latest Published: Apr 19, 2022 License: Apache-2.0 Imports: 4 Imported by: 186

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/kubernetes/kubernetes

Documentation ¶

Index ¶

func GetLoadBalancerSourceRanges(service *api.Service) (utilnet.IPNetSet, error)
func IsAllowAll(ipnets utilnet.IPNetSet) bool
func NeedsHealthCheck(service *api.Service) bool
func RequestsOnlyLocalTraffic(service *api.Service) bool

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func GetLoadBalancerSourceRanges ¶

func GetLoadBalancerSourceRanges(service *api.Service) (utilnet.IPNetSet, error)

GetLoadBalancerSourceRanges first try to parse and verify LoadBalancerSourceRanges field from a service. If the field is not specified, turn to parse and verify the AnnotationLoadBalancerSourceRangesKey annotation from a service, extracting the source ranges to allow, and if not present returns a default (allow-all) value.

func IsAllowAll ¶

func IsAllowAll(ipnets utilnet.IPNetSet) bool

IsAllowAll checks whether the utilnet.IPNet allows traffic from 0.0.0.0/0

func NeedsHealthCheck ¶ added in v1.4.0

func NeedsHealthCheck(service *api.Service) bool

NeedsHealthCheck checks if service needs health check.

func RequestsOnlyLocalTraffic ¶ added in v1.7.0

func RequestsOnlyLocalTraffic(service *api.Service) bool

RequestsOnlyLocalTraffic checks if service requests OnlyLocal traffic.

Types ¶

This section is empty.

Source Files ¶

View all Source files

util.go

Directories ¶

Path	Synopsis
testing

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL