Affected by GO-2022-0617
and 18 other vulnerabilities
GO-2022-0617: WITHDRAWN: Potential proxy IP restriction bypass in Kubernetes in k8s.io/kubernetes
GO-2022-0885: Improper Authentication in Kubernetes in k8s.io/kubernetes
GO-2022-0890: Server Side Request Forgery (SSRF) in Kubernetes in k8s.io/kubernetes
GO-2022-0907: Access Restriction Bypass in kube-apiserver in k8s.io/kubernetes
GO-2022-0908: Incomplete List of Disallowed Inputs in Kubernetes in k8s.io/kubernetes
GO-2022-0910: Files or Directories Accessible to External Parties in kubernetes in k8s.io/kubernetes
GO-2022-0983: kubectl ANSI escape characters not filtered in k8s.io/kubernetes
GO-2023-1864: Kubelet vulnerable to bypass of seccomp profile enforcement in k8s.io/kubernetes
GO-2023-1891: kube-apiserver vulnerable to policy bypass in k8s.io/kubernetes
GO-2023-1892: Kubernetes mountable secrets policy bypass in k8s.io/kubernetes
GO-2023-2159: Kube-proxy may unintentionally forward traffic in k8s.io/kubernetes
GO-2023-2170: Kubernetes privilege escalation vulnerability in k8s.io/kubernetes
GO-2023-2330: Kubernetes privilege escalation vulnerability in k8s.io/kubernetes
GO-2023-2341: Kubernetes Improper Input Validation vulnerability in k8s.io/kubernetes
GO-2024-2748: Privilege Escalation in Kubernetes in k8s.io/apimachinery
GO-2024-2753: Denial of service in Kubernetes in k8s.io/kubernetes
GO-2024-2754: Sensitive Information leak via Log File in Kubernetes in k8s.io/kubernetes
GO-2024-2755: Sensitive Information leak via Log File in Kubernetes in k8s.io/kubernetes
GO-2024-2994: Kubernetes sets incorrect permissions on Windows containers logs in k8s.io/kubernetes
package
Version:
v1.18.1-beta.0
Opens a new window with list of versions in this module.
Published: Mar 25, 2020
License: Apache-2.0
Opens a new window with license information.
Imports: 4
Opens a new window with list of imports.
Imported by: 0
Opens a new window with list of known importers.
Documentation
¶
Package configz serves ComponentConfig objects from running components.
Each component that wants to serve its ComponentConfig creates a Config
object, and the program should call InstallHandler once. e.g.,
func main() {
boatConfig := getBoatConfig()
planeConfig := getPlaneConfig()
bcz, err := configz.New("boat")
if err != nil {
panic(err)
}
bcz.Set(boatConfig)
pcz, err := configz.New("plane")
if err != nil {
panic(err)
}
pcz.Set(planeConfig)
configz.InstallHandler(http.DefaultServeMux)
http.ListenAndServe(":8080", http.DefaultServeMux)
}
Delete removes the named ComponentConfig from this package's "/configz"
handler.
func InstallHandler(m mux)
InstallHandler adds an HTTP handler on the given mux for the "/configz"
endpoint which serves all registered ComponentConfigs in JSON format.
Config is a handle to a ComponentConfig object. Don't create these directly;
use New() instead.
New creates a Config object with the given name. Each Config is registered
with this package's "/configz" handler.
MarshalJSON marshals the ComponentConfig as JSON data.
func (v *Config) Set(val interface{})
Set sets the ComponentConfig for this Config.
Source Files
¶
Click to show internal directories.
Click to hide internal directories.