GO-2022-0617 
             and 21 other vulnerabilities
           
          
            
  
    GO-2022-0617 : WITHDRAWN: Potential proxy IP restriction bypass in Kubernetes in k8s.io/kubernetes
  
 
  
    GO-2022-0802 : Kubernetes kubectl cp Vulnerable to Symlink Attack in k8s.io/kubernetes
  
 
  
    GO-2022-0885 : Improper Authentication in Kubernetes in k8s.io/kubernetes
  
 
  
    GO-2022-0907 : Access Restriction Bypass in kube-apiserver in k8s.io/kubernetes
  
 
  
    GO-2022-0910 : Files or Directories Accessible to External Parties in kubernetes in k8s.io/kubernetes
  
 
  
    GO-2022-0983 : ANSI escape characters not filtered in kubectl in k8s.io/kubernetes
  
 
  
    GO-2023-1864 : Kubelet vulnerable to bypass of seccomp profile enforcement in k8s.io/kubernetes
  
 
  
    GO-2023-1891 : Vulnerable to policy bypass in kube-apiserver in k8s.io/kubernetes
  
 
  
    GO-2023-1892 : Kubernetes mountable secrets policy bypass in k8s.io/kubernetes
  
 
  
    GO-2023-2159 : Kube-proxy may unintentionally forward traffic in k8s.io/kubernetes
  
 
  
    GO-2023-2341 : Kubernetes Improper Input Validation vulnerability in k8s.io/kubernetes
  
 
  
    GO-2024-2748 : Privilege Escalation in Kubernetes in k8s.io/apimachinery
  
 
  
    GO-2024-2753 : Denial of service in Kubernetes in k8s.io/kubernetes
  
 
  
    GO-2024-2754 : Sensitive Information leak for users of Ceph RBD via Log File in k8s.io/kubernetes
  
 
  
    GO-2024-2755 : Sensitive Information leak for VSphere users via Log File in k8s.io/kubernetes
  
 
  
    GO-2024-2994 : Kubernetes sets incorrect permissions on Windows containers logs in k8s.io/kubernetes
  
 
  
    GO-2024-3277 : Kubernetes Nil pointer dereference in KCM after v1 HPA patch request in k8s.io/kubernetes
  
 
  
    GO-2025-3465 : Node Denial of Service via kubelet Checkpoint API in k8s.io/kubernetes
  
 
  
    GO-2025-3521 : Kubernetes GitRepo Volume Inadvertent Local Repository Access in k8s.io/kubernetes
  
 
  
    GO-2025-3522 : Kubernetes allows Command Injection affecting Windows nodes via nodes/*/logs/query API in k8s.io/kubernetes
  
 
  
    GO-2025-3547 : Kubernetes kube-apiserver Vulnerable to Race Condition in k8s.io/kubernetes
  
 
  
    GO-2025-3915 : Kubernetes Nodes can delete themselves by adding an OwnerReference in k8s.io/kubernetes
  
 
           
         
     
    
  
  
  
    
      
        
          
            Discover Packages 
           
        
          
            k8s.io/kubernetes 
           
        
          
            pkg 
           
        
          
            controller 
           
        
          
            certificates 
           
        
        
          
            rootcacertpublisher
           
          
            
               
          
        
       
     
   
  
    
  
    
       
    
    
      package 
    
    
      
        
           
      
    
   
    
      
  
    
      
  
    
      Version:  
        v1.15.13-beta.0
     
    
      Opens a new window with list of versions in this module.
    
    
    
   
      
  
    Published: May  6, 2020
   
      
  
    License: Apache-2.0 
      
    
   
  
    Opens a new window with license information.
  
      
        
  
    
      Imports:  16
     
   
  
    Opens a new window with list of imports.
  
        
  
    
       Imported by:  16
     
   
  
    Opens a new window with list of known importers.
  
      
    
   
  
  
    
   
 
    
      
    
    
  
  
    
      
        
          Documentation 
        
       
     
  
 
    
  
    
      
      
        
          
  
    
      ¶ 
     
    
  
    
  
    
      
        
 
  
    
      View Source const RootCACertConfigMapName = "kube-root-ca.crt"  
  RootCACertConfigMapName is name of the configmap which stores certificates
to access api-server
 
  
  
  
  
  
  
      
  
  
    
    
    
      type Publisher struct {
	
} 
     
  Publisher manages certificate ConfigMap objects inside Namespaces
    
  
  
    
    
    
  NewPublisher construct a new controller which would manage the configmap
which stores certificates in each namespace. It will make sure certificate
configmap exists in each namespace.
  
   
    
  
  
    
    
    
      func (c *Publisher ) Run(workers int , stopCh <-chan struct{}) 
     
  Run starts process
  
   
  
       
      
     
   
        
      
      
        
  
    
      ¶ 
     
   
      
      
     
   
   Click to show internal directories. 
   Click to hide internal directories.