 Affected by GO-2022-0617
             and 12 other vulnerabilities
 
            Affected by GO-2022-0617
             and 12 other vulnerabilities
          
          
            
  
     GO-2022-0617
 
    GO-2022-0617: WITHDRAWN: Potential proxy IP restriction bypass in Kubernetes in k8s.io/kubernetes
  
 
  
     GO-2022-0983
 
    GO-2022-0983: ANSI escape characters not filtered in kubectl in k8s.io/kubernetes
  
 
  
     GO-2023-1864
 
    GO-2023-1864: Kubelet vulnerable to bypass of seccomp profile enforcement in k8s.io/kubernetes
  
 
  
     GO-2023-1891
 
    GO-2023-1891: Vulnerable to policy bypass in kube-apiserver in k8s.io/kubernetes
  
 
  
     GO-2023-1892
 
    GO-2023-1892: Kubernetes mountable secrets policy bypass in k8s.io/kubernetes
  
 
  
     GO-2023-2341
 
    GO-2023-2341: Kubernetes Improper Input Validation vulnerability in k8s.io/kubernetes
  
 
  
     GO-2024-2994
 
    GO-2024-2994: Kubernetes sets incorrect permissions on Windows containers logs in k8s.io/kubernetes
  
 
  
     GO-2024-3277
 
    GO-2024-3277: Kubernetes Nil pointer dereference in KCM after v1 HPA patch request in k8s.io/kubernetes
  
 
  
     GO-2025-3465
 
    GO-2025-3465: Node Denial of Service via kubelet Checkpoint API in k8s.io/kubernetes
  
 
  
     GO-2025-3521
 
    GO-2025-3521: Kubernetes GitRepo Volume Inadvertent Local Repository Access in k8s.io/kubernetes
  
 
  
     GO-2025-3522
 
    GO-2025-3522: Kubernetes allows Command Injection affecting Windows nodes via nodes/*/logs/query API in k8s.io/kubernetes
  
 
  
     GO-2025-3547
 
    GO-2025-3547: Kubernetes kube-apiserver Vulnerable to Race Condition in k8s.io/kubernetes
  
 
  
     GO-2025-3915
 
    GO-2025-3915: Kubernetes Nodes can delete themselves by adding an OwnerReference in k8s.io/kubernetes
  
 
           
         
     
    
  
  
  
  
    
  
    
       package
    
    
    
      package
    
    
      
        
      
    
   
    
      
  
    
      
  
    
      Version: 
        v1.24.0-beta.0
    
    
      Opens a new window with list of versions in this module.
    
    
    
  
      
  
    Published: Mar 31, 2022
  
      
  
    License: Apache-2.0
      
    
  
  
    Opens a new window with license information.
  
      
        
  
    
      Imports: 6
    
  
  
    Opens a new window with list of imports.
  
        
  
    
       Imported by: 0
    
  
  
    Opens a new window with list of known importers.
  
      
    
   
  
  
    
   
    
      
    
    
    
  
    
      
      
        
          
  
    
       Documentation
      ¶
      Documentation
      ¶
    
    
  
    
  
    
      
        
 
  
    
  PluginName indicates name of admission plugin.
  
  
  
  
	  
  
  
    
    
    
  Register registers a plugin
  
         
  
  
      
  
  
    
    
    
  Plugin implements admission.Interface.
    
  
  
    
    
    
      func NewSecurityContextDeny() *Plugin
     
  NewSecurityContextDeny creates a new instance of the SecurityContextDeny admission controller
  
   
    
  
  
    
    
    
  Validate will deny any pod that defines SupplementalGroups, SELinuxOptions, RunAsUser or FSGroup
  
   
  
       
      
     
   
        
      
      
        
  
    
       Source Files
      ¶
      Source Files
      ¶
    
   
      
      
     
   
   Click to show internal directories. 
   Click to hide internal directories.