Affected by GO-2025-3696 and 1 other vulnerabilities

GO-2025-3696: Gardener allows bypassing project secret validation which can lead to privilege escalation in github.com/gardener/gardener

GO-2025-3698: Gardener allows metadata injection for a project secret which can lead to privilege escalation in github.com/gardener/gardener

gardeneraccess

package

v1.71.2 Latest Latest Go to latest Published: May 25, 2023 License: Apache-2.0, BSD-2-Clause, MIT, + 1 more Imports: 15 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/gardener/gardener

Links

Documentation ¶

Index ¶

func New(client client.Client, namespace string, ...) component.Deployer
type Values

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func New ¶

func New(
	client client.Client,
	namespace string,
	secretsManager secretsmanager.Interface,
	values Values,
) component.Deployer

New creates a new instance of the deployer for GardenerAccess.

Types ¶

type Values ¶

type Values struct {
	// ServerOutOfCluster is the out-of-cluster address of a kube-apiserver.
	ServerOutOfCluster string
	// ServerInCluster is the in-cluster address of a kube-apiserver.
	ServerInCluster string
}

Values contains configurations for the component.

Source Files ¶

View all Source files

access.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL