Affected by GO-2022-0617 and 20 other vulnerabilities

GO-2022-0617: WITHDRAWN: Potential proxy IP restriction bypass in Kubernetes in k8s.io/kubernetes

GO-2022-0703: XML Entity Expansion and Improper Input Validation in Kubernetes API server in k8s.io/kubernetes

GO-2022-0867: Allocation of Resources Without Limits or Throttling and Uncontrolled Memory Allocation in Kubernetes in k8s.io/kubernetes

GO-2022-0885: Improper Authentication in Kubernetes in k8s.io/kubernetes

GO-2022-0890: Server Side Request Forgery (SSRF) in Kubernetes in k8s.io/kubernetes

GO-2022-0907: Access Restriction Bypass in kube-apiserver in k8s.io/kubernetes

GO-2022-0910: Files or Directories Accessible to External Parties in kubernetes in k8s.io/kubernetes

GO-2022-0983: kubectl ANSI escape characters not filtered in k8s.io/kubernetes

GO-2023-1864: Kubelet vulnerable to bypass of seccomp profile enforcement in k8s.io/kubernetes

GO-2023-1891: kube-apiserver vulnerable to policy bypass in k8s.io/kubernetes

GO-2023-1892: Kubernetes mountable secrets policy bypass in k8s.io/kubernetes

GO-2023-2159: Kube-proxy may unintentionally forward traffic in k8s.io/kubernetes

GO-2023-2170: Kubernetes privilege escalation vulnerability in k8s.io/kubernetes

GO-2023-2330: Kubernetes privilege escalation vulnerability in k8s.io/kubernetes

GO-2023-2341: Kubernetes Improper Input Validation vulnerability in k8s.io/kubernetes

GO-2024-2748: Privilege Escalation in Kubernetes in k8s.io/apimachinery

GO-2024-2753: Denial of service in Kubernetes in k8s.io/kubernetes

GO-2024-2754: Sensitive Information leak via Log File in Kubernetes in k8s.io/kubernetes

GO-2024-2755: Sensitive Information leak via Log File in Kubernetes in k8s.io/kubernetes

GO-2024-2994: Kubernetes sets incorrect permissions on Windows containers logs in k8s.io/kubernetes

GO-2024-3277: Kubernetes Nil pointer dereference in KCM after v1 HPA patch request in k8s.io/kubernetes

openapi

package

v1.15.2-beta.0 Latest Latest Go to latest Published: Jul 18, 2019 License: Apache-2.0 Imports: 8 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/kubernetes/kubernetes

Documentation ¶

Overview ¶

Package openapi is a collection of libraries for fetching the openapi spec from a Kubernetes server and then indexing the type definitions. The openapi spec contains the object model definitions and extensions metadata such as the patchStrategy and patchMergeKey for creating patches.

Index ¶

Constants
func GetPrintColumns(extensions spec.Extensions) (string, bool)
func SupportsDryRun(doc *openapi_v2.Document, gvk schema.GroupVersionKind) (bool, error)
type Getter
- func NewOpenAPIGetter(openAPIClient discovery.OpenAPISchemaInterface) Getter
type Resources
- func NewOpenAPIData(doc *openapi_v2.Document) (Resources, error)

Constants ¶

View Source

const PrintColumnsKey = "x-kubernetes-print-columns"

PrintColumnsKey is the key that defines which columns should be printed

Variables ¶

This section is empty.

Functions ¶

func GetPrintColumns ¶

func GetPrintColumns(extensions spec.Extensions) (string, bool)

GetPrintColumns looks for the open API extension for the display columns.

func SupportsDryRun ¶ added in v1.13.0

func SupportsDryRun(doc *openapi_v2.Document, gvk schema.GroupVersionKind) (bool, error)

SupportsDryRun is a method that let's us look in the OpenAPI if the specific group-version-kind supports the dryRun query parameter for the PATCH end-point.

Types ¶

type Getter ¶

type Getter interface {
	// OpenAPIData returns the parsed OpenAPIData
	Get() (Resources, error)
}

Getter is an interface for fetching openapi specs and parsing them into an Resources struct

func NewOpenAPIGetter ¶

func NewOpenAPIGetter(openAPIClient discovery.OpenAPISchemaInterface) Getter

NewOpenAPIGetter returns an object to return OpenAPIDatas which reads from a server, and then stores in memory for subsequent invocations

type Resources ¶

type Resources interface {
	LookupResource(gvk schema.GroupVersionKind) proto.Schema
}

Resources interface describe a resources provider, that can give you resource based on group-version-kind.

func NewOpenAPIData ¶

func NewOpenAPIData(doc *openapi_v2.Document) (Resources, error)

NewOpenAPIData creates a new `Resources` out of the openapi document

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
testing
validation

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL