Openshift api admission checks does not enforce "custom-host" permissions
A flaw was found in OpenShift API, as admission checks do not enforce "custom-host" permissions. This issue could allow an attacker to violate the boundaries, as permissions will not be applied.
Affected products
Matching in nixpkgs
pkgs.openshift
Build, deploy, and manage your applications with Docker and Kubernetes
-
nixos-unstable -
- nixpkgs-unstable 4.16.0
pkgs.kubernetes
Production-Grade Container Scheduling and Management
-
nixos-unstable -
- nixpkgs-unstable 1.33.4
pkgs.kubernetes-kcp
Kubernetes-like control planes for form-factors and use-cases beyond Kubernetes and container workloads
-
nixos-unstable -
- nixpkgs-unstable 0.28.1
pkgs.kubernetes-helm
Package manager for kubernetes
-
nixos-unstable -
- nixpkgs-unstable 3.19.0
pkgs.kubernetes-polaris
Validate and remediate Kubernetes resources to ensure configuration best practices are followed
-
nixos-unstable -
- nixpkgs-unstable 10.1.1
pkgs.kubernetes-validate
Module to validate Kubernetes resource definitions against the declared Kubernetes schemas
-
nixos-unstable -
- nixpkgs-unstable 1.33.1
pkgs.kubernetes-metrics-server
Kubernetes container resource metrics collector
-
nixos-unstable -
- nixpkgs-unstable 0.6.4
pkgs.python312Packages.openshift
Python client for the OpenShift API
-
nixos-unstable -
- nixpkgs-unstable 0.13.2
pkgs.python313Packages.openshift
Python client for the OpenShift API
-
nixos-unstable -
- nixpkgs-unstable 0.13.2
pkgs.python312Packages.kubernetes
Kubernetes Python client
-
nixos-unstable -
- nixpkgs-unstable 33.1.0
pkgs.python313Packages.kubernetes
Kubernetes Python client
-
nixos-unstable -
- nixpkgs-unstable 33.1.0
pkgs.dhallPackages.dhall-kubernetes
None
-
nixos-unstable -
- nixpkgs-unstable 3.0.0-3c6d09a9409977cdde58a091d76a6d20509ca4b0
pkgs.haskellPackages.kubernetes-api
Auto-generated kubernetes-api API Client
-
nixos-unstable -
- nixpkgs-unstable 132.0.0
pkgs.terraform-providers.kubernetes
None
-
nixos-unstable -
- nixpkgs-unstable 2.38.0
pkgs.python312Packages.kubernetes-asyncio
Python asynchronous client library for Kubernetes http://kubernetes.io
-
nixos-unstable -
- nixpkgs-unstable 33.3.0
pkgs.python313Packages.kubernetes-asyncio
Python asynchronous client library for Kubernetes http://kubernetes.io
-
nixos-unstable -
- nixpkgs-unstable 33.3.0
pkgs.haskellPackages.kubernetes-api-client
Client library for Kubernetes
-
nixos-unstable -
- nixpkgs-unstable 0.6.1.1
pkgs.python312Packages.kubernetes-validate
Module to validate Kubernetes resource definitions against the declared Kubernetes schemas
-
nixos-unstable -
- nixpkgs-unstable 1.33.1
pkgs.python313Packages.kubernetes-validate
Module to validate Kubernetes resource definitions against the declared Kubernetes schemas
-
nixos-unstable -
- nixpkgs-unstable 1.33.1
pkgs.python312Packages.azure-mgmt-redhatopenshift
Microsoft Azure Red Hat Openshift Management Client Library for Python
-
nixos-unstable -
- nixpkgs-unstable 2.0.0
pkgs.python313Packages.azure-mgmt-redhatopenshift
Microsoft Azure Red Hat Openshift Management Client Library for Python
-
nixos-unstable -
- nixpkgs-unstable 2.0.0
-
nixos-unstable -
- nixpkgs-unstable 1.3.26
Package maintainers
-
@johanot Johan Thomsen <write@ownrisk.dk>
-
@saschagrunert Sascha Grunert <mail@saschagrunert.de>
-
@offlinehacker Jaka Hudoklin <jaka@x-truder.net>
-
@srhb Sarah Brofeldt <sbrofeldt@gmail.com>
-
@rlupton20 Richard Lupton <richard.lupton@gmail.com>
-
@edude03 Michael Francis <michael@melenion.com>
-
@techknowlogick techknowlogick <techknowlogick@gitea.com>
-
@Chili-Man Diego Rodriguez <dr.elhombrechile@gmail.com>
-
@Frostman Sergei Lukianov <me@slukjanov.name>
-
@rytswd Ryota <rytswd@gmail.com>
-
@eskytthe Erik Skytthe <eskytthe@gmail.com>
-
@LongerHV Michał Mieszczak <michal@mieszczak.com.pl>
-
@Lykos153 Silvio Ankermann <silvio.ankermann@cloudandheat.com>
-
@stehessel Stephan Heßelmann <stephan@stehessel.de>
-
@moretea Maarten Hoogendoorn <maarten@moretea.nl>
-
@lsix Lancelot SIX <lsix@lancelotsix.com>
-
@GaetanLepage Gaetan Lepage <gaetan@glepage.com>
-
@teto Matthieu Coudron <mcoudron@hotmail.com>