A security issue was discovered in aws-iam-authenticator where an allow-listed IAM identity may be able to modify their username and escalate privileges.
CPE | Name | Operator | Version |
---|---|---|---|
go/sigs.k8s.io/aws-iam-authenticator | lt | 0.5.9 |
github.com/advisories/GHSA-pp3f-98qg-5g75
github.com/kubernetes-sigs/aws-iam-authenticator/issues/472
github.com/kubernetes-sigs/aws-iam-authenticator/pull/469
github.com/kubernetes-sigs/aws-iam-authenticator/releases/tag/v0.5.9
groups.google.com/a/kubernetes.io/g/dev/c/EMxHpU-1ZYs
nvd.nist.gov/vuln/detail/CVE-2022-2385