Affected by GO-2022-0617 and 13 other vulnerabilities

GO-2022-0617: WITHDRAWN: Potential proxy IP restriction bypass in Kubernetes in k8s.io/kubernetes

GO-2022-0907: Access Restriction Bypass in kube-apiserver in k8s.io/kubernetes

GO-2022-0908: Incomplete List of Disallowed Inputs in Kubernetes in k8s.io/kubernetes

GO-2022-0910: Files or Directories Accessible to External Parties in kubernetes in k8s.io/kubernetes

GO-2022-0983: kubectl ANSI escape characters not filtered in k8s.io/kubernetes

GO-2023-1864: Kubelet vulnerable to bypass of seccomp profile enforcement in k8s.io/kubernetes

GO-2023-1891: kube-apiserver vulnerable to policy bypass in k8s.io/kubernetes

GO-2023-1892: Kubernetes mountable secrets policy bypass in k8s.io/kubernetes

GO-2023-2159: Kube-proxy may unintentionally forward traffic in k8s.io/kubernetes

GO-2023-2170: Kubernetes privilege escalation vulnerability in k8s.io/kubernetes

GO-2023-2330: Kubernetes privilege escalation vulnerability in k8s.io/kubernetes

GO-2023-2341: Kubernetes Improper Input Validation vulnerability in k8s.io/kubernetes

GO-2024-2994: Kubernetes sets incorrect permissions on Windows containers logs in k8s.io/kubernetes

GO-2024-3277: Kubernetes Nil pointer dereference in KCM after v1 HPA patch request in k8s.io/kubernetes

certificates

package

v1.20.5 Latest Latest Go to latest Published: Mar 18, 2021 License: Apache-2.0 Imports: 5 Imported by: 2

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/kubernetes/kubernetes

Links

Open Source Insights

Documentation ¶

Index ¶

func IsAuthorizedForSignerName(ctx context.Context, authz authorizer.Authorizer, info user.Info, ...) bool

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func IsAuthorizedForSignerName ¶

func IsAuthorizedForSignerName(ctx context.Context, authz authorizer.Authorizer, info user.Info, verb, signerName string) bool

IsAuthorizedForSignerName returns true if 'info' is authorized to perform the given 'verb' on the synthetic 'signers' resource with the given signerName. If the user does not have permission to perform the 'verb' on the given signerName, it will also perform an authorization check against {domain portion}/*, for example `kubernetes.io/*`. This allows an entity to be granted permission to 'verb' on all signerNames with a given 'domain portion'.

Types ¶

This section is empty.

Source Files ¶

View all Source files

util.go

Directories ¶

Path	Synopsis
approval
signing
subjectrestriction

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL