Affected by GO-2022-0617
and 11 other vulnerabilities
GO-2022-0617: WITHDRAWN: Potential proxy IP restriction bypass in Kubernetes in k8s.io/kubernetes
GO-2022-0907: Access Restriction Bypass in kube-apiserver in k8s.io/kubernetes
GO-2022-0908: Incomplete List of Disallowed Inputs in Kubernetes in k8s.io/kubernetes
GO-2022-0910: Files or Directories Accessible to External Parties in kubernetes in k8s.io/kubernetes
GO-2022-0983: kubectl ANSI escape characters not filtered in k8s.io/kubernetes
GO-2023-1864: Kubelet vulnerable to bypass of seccomp profile enforcement in k8s.io/kubernetes
GO-2023-1891: kube-apiserver vulnerable to policy bypass in k8s.io/kubernetes
GO-2023-1892: Kubernetes mountable secrets policy bypass in k8s.io/kubernetes
GO-2023-2159: Kube-proxy may unintentionally forward traffic in k8s.io/kubernetes
GO-2023-2341: Kubernetes Improper Input Validation vulnerability in k8s.io/kubernetes
GO-2024-2994: Kubernetes sets incorrect permissions on Windows containers logs in k8s.io/kubernetes
GO-2024-3277: Kubernetes Nil pointer dereference in KCM after v1 HPA patch request in k8s.io/kubernetes
package
Version:
v1.20.3
Opens a new window with list of versions in this module.
Published: Feb 17, 2021
License: Apache-2.0
Opens a new window with license information.
Imports: 6
Opens a new window with list of imports.
Imported by: 0
Opens a new window with list of known importers.
Documentation
¶
PluginName indicates name of admission plugin.
Register registers a plugin
Plugin implements admission.Interface.
func NewSecurityContextDeny() *Plugin
NewSecurityContextDeny creates a new instance of the SecurityContextDeny admission controller
Validate will deny any pod that defines SupplementalGroups, SELinuxOptions, RunAsUser or FSGroup
Source Files
¶
Click to show internal directories.
Click to hide internal directories.