Lucene search

CVE-2022-46167

🗓️ 02 Dec 2022 19:11:15Reported by [email protected]Type

Capsule Kubernetes framework allows unauthorized ServiceAccount to bypass security enforcement prior to version 0.1.

Reporter	Title	Published	Views	Family All 9
Cvelist	CVE-2022-46167 Capsule vulnerable to privilege escalation by ServiceAccount deployed in a Tenant Namespace	2 Dec 202218:22	–	cvelist
Veracode	Privilege Escalation	5 Dec 202205:43	–	veracode
RedhatCVE	CVE-2022-46167	5 Feb 202521:00	–	redhatcve
OSV	Capsule vulnerable to privilege escalation by ServiceAccount deployed in a Tenant Namespace	5 Dec 202223:08	–	osv
OSV	GO-2022-1135 Capsule vulnerable to privilege escalation by ServiceAccount deployed in a Tenant Namespace in github.com/clastix/capsule	21 Aug 202416:03	–	osv
OSV	CVE-2022-46167	2 Dec 202219:15	–	osv
CVE	CVE-2022-46167	2 Dec 202219:15	–	cve
Prion	Design/Logic Flaw	2 Dec 202219:15	–	prion
Github Security Blog	Capsule vulnerable to privilege escalation by ServiceAccount deployed in a Tenant Namespace	5 Dec 202223:08	–	github

Nvd

Node

clastix capsuleRange<0.1.3

Source	Link
github	www.github.com/clastix/capsule/security/advisories/GHSA-x45c-cvp8-q4fm
github	www.github.com/clastix/capsule/commit/75525ac19254b0c5111e34d7985e2be7bc8b1ac1
github	www.github.com/clastix/capsule/releases/tag/v0.1.3
github	www.github.com/clastix/capsule/commit/1df430e71be8c4778c82eca3459978ad7d0b4b7b

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

02 Dec 2022 19:15Current

CVSS38.8

EPSS0.00139

CWE-863