Affected by GO-2025-3696 and 1 other vulnerabilities

GO-2025-3696: Gardener allows bypassing project secret validation which can lead to privilege escalation in github.com/gardener/gardener

GO-2025-3698: Gardener allows metadata injection for a project secret which can lead to privilege escalation in github.com/gardener/gardener

bootstrappers

package

v1.96.3 Latest Latest Go to latest Published: Jun 10, 2024 License: Apache-2.0 Imports: 8 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/gardener/gardener

Links

Documentation ¶

Index ¶

Variables
func VerifyGardenerVersion(ctx context.Context, log logr.Logger, client client.Reader) error

Constants ¶

This section is empty.

Variables ¶

View Source

var GetCurrentVersion = version.Get

GetCurrentVersion returns the current version. Exposed for testing.

Functions ¶

func VerifyGardenerVersion ¶

func VerifyGardenerVersion(ctx context.Context, log logr.Logger, client client.Reader) error

VerifyGardenerVersion verifies that the operator's version is not lower and not more than one version higher than the version last operated on a Garden.

Types ¶

This section is empty.

Source Files ¶

View all Source files

verify_version.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL