Affected by GO-2023-1862
and 9 other vulnerabilities
GO-2023-1862: Cilium vulnerable to information leakage via incorrect ReferenceGrant handling in github.com/cilium/cilium
GO-2023-2078: Kubernetes users may update Pod labels to bypass network policy in github.com/cilium/cilium
GO-2023-2079: Specific Cilium configurations vulnerable to DoS via Kubernetes annotations in github.com/cilium/cilium
GO-2023-2080: Cilium vulnerable to bypass of namespace restrictions in CiliumNetworkPolicy in github.com/cilium/cilium
GO-2024-2656: Unencrypted traffic between nodes with IPsec in github.com/cilium/cilium
GO-2024-2666: Insecure IPsec transparent encryption in github.com/cilium/cilium
GO-2024-2922: Cilium leaks sensitive information in cilium-bugtool in github.com/cilium/cilium
GO-2024-3072: Policy bypass for Host Firewall policy due to race condition in Cilium agent in github.com/cilium/cilium
GO-2025-3635: In Cilium, packets from terminating endpoints may not be encrypted in Wireguard-enabled clusters in github.com/cilium/cilium
GO-2025-4167: Cilium with misconfigured toGroups in policies can lead to unrestricted egress traffic in Ciliumgithub.com/cilium/cilium
package
Version:
v1.13.2
Opens a new window with list of versions in this module.
Published: Apr 17, 2023
License: Apache-2.0
Opens a new window with license information.
Imports: 11
Opens a new window with list of imports.
Imported by: 1
Opens a new window with list of known importers.
Documentation
¶
type IPMasqAgent struct {
}
IPMasqAgent represents a state of the ip-masq-agent
Start starts the ip-masq-agent goroutine which tracks the config file and
updates the BPF map accordingly.
Stop stops the ip-masq-agent goroutine and the watcher.
Update updates the ipmasq BPF map entries with ones from the config file.
IPMasqMap is an interface describing methods for manipulating an ipmasq map
ipnet is a wrapper type for net.IPNet to enable de-serialization of CIDRs
Source Files
¶
Click to show internal directories.
Click to hide internal directories.