Prior to v0.6.1, bored-agent failed to sanitize incoming kubernetes impersonation headers allowing a user to override assigned user name and groups.
CPE | Name | Operator | Version |
---|---|---|---|
bored-agent | eq | 0.5.5 | |
bored-agent | eq | 0.1.0 | |
bored-agent | eq | 0.4.0 | |
bored-agent | eq | 0.2.0 | |
bored-agent | eq | 0.6.0 | |
bored-agent | eq | 0.5.3 | |
bored-agent | eq | 0.4.2 | |
bored-agent | eq | 0.4.1 | |
bored-agent | eq | 0.5.4 | |
bored-agent | eq | 0.5.2 |