Affected by GO-2022-0617
and 16 other vulnerabilities
GO-2022-0617: WITHDRAWN: Potential proxy IP restriction bypass in Kubernetes in k8s.io/kubernetes
GO-2022-0907: Access Restriction Bypass in kube-apiserver in k8s.io/kubernetes
GO-2022-0908: Incomplete List of Disallowed Inputs in Kubernetes in k8s.io/kubernetes
GO-2022-0910: Files or Directories Accessible to External Parties in kubernetes in k8s.io/kubernetes
GO-2022-0983: ANSI escape characters not filtered in kubectl in k8s.io/kubernetes
GO-2023-1864: Kubelet vulnerable to bypass of seccomp profile enforcement in k8s.io/kubernetes
GO-2023-1891: Vulnerable to policy bypass in kube-apiserver in k8s.io/kubernetes
GO-2023-1892: Kubernetes mountable secrets policy bypass in k8s.io/kubernetes
GO-2023-2159: Kube-proxy may unintentionally forward traffic in k8s.io/kubernetes
GO-2023-2341: Kubernetes Improper Input Validation vulnerability in k8s.io/kubernetes
GO-2024-2994: Kubernetes sets incorrect permissions on Windows containers logs in k8s.io/kubernetes
GO-2024-3277: Kubernetes Nil pointer dereference in KCM after v1 HPA patch request in k8s.io/kubernetes
GO-2025-3465: Node Denial of Service via kubelet Checkpoint API in k8s.io/kubernetes
GO-2025-3521: Kubernetes GitRepo Volume Inadvertent Local Repository Access in k8s.io/kubernetes
GO-2025-3522: Kubernetes allows Command Injection affecting Windows nodes via nodes/*/logs/query API in k8s.io/kubernetes
GO-2025-3547: Kubernetes kube-apiserver Vulnerable to Race Condition in k8s.io/kubernetes
GO-2025-3915: Kubernetes Nodes can delete themselves by adding an OwnerReference in k8s.io/kubernetes
package
Version:
v1.20.0
Opens a new window with list of versions in this module.
Published: Dec 4, 2020
License: Apache-2.0
Opens a new window with license information.
Imports: 11
Opens a new window with list of imports.
Imported by: 5
Opens a new window with list of known importers.
Documentation
¶
PluginName is a string with the name of the plugin
Register registers a plugin
Plugin holds state for and implements the admission plugin.
NewPlugin creates a new CSR approval admission plugin
SetAuthorizer sets the authorizer.
Validate verifies that the requesting user has permission to sign
CertificateSigningRequests for the specified signerName.
ValidateInitialization ensures an authorizer is set.
Source Files
¶
Click to show internal directories.
Click to hide internal directories.