Affected by GO-2022-0617 and 9 other vulnerabilities

GO-2022-0617: WITHDRAWN: Potential proxy IP restriction bypass in Kubernetes in k8s.io/kubernetes

GO-2022-0983: kubectl ANSI escape characters not filtered in k8s.io/kubernetes

GO-2023-1628: Kubernetes vulnerable to path traversal in k8s.io/kubernetes

GO-2023-1629: Kubernetes vulnerable to validation bypass in k8s.io/kubernetes

GO-2023-1864: Kubelet vulnerable to bypass of seccomp profile enforcement in k8s.io/kubernetes

GO-2023-1891: kube-apiserver vulnerable to policy bypass in k8s.io/kubernetes

GO-2023-1892: Kubernetes mountable secrets policy bypass in k8s.io/kubernetes

GO-2023-2341: Kubernetes Improper Input Validation vulnerability in k8s.io/kubernetes

GO-2024-2994: Kubernetes sets incorrect permissions on Windows containers logs in k8s.io/kubernetes

GO-2024-3277: Kubernetes Nil pointer dereference in KCM after v1 HPA patch request in k8s.io/kubernetes

metadata-concealment

command

v1.23.3 Latest Latest Go to latest Published: Jan 25, 2022 License: Apache-2.0 Imports: 6 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/kubernetes/kubernetes

Links

Open Source Insights

README ¶

metadata-concealment

Runs various checks against the GCE metadata API. If the checks pass, the job is run to completion. It fails and stops at the first error encountered.

Only valid if using the GCE provider.

Documentation ¶

There is no documentation for this package.

Source Files ¶

View all Source files

check_metadata_concealment.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL