Lucene search
K

4 matches found

Vulnrichment
Vulnrichment
added 2025/08/18 4:28 p.m.3 views

CVE-2025-55205 Capsule tenant owners with "patch namespace" permission can hijack system namespaces label

Capsule is a multi-tenancy and policy-based framework for Kubernetes. A namespace label injection vulnerability in Capsule v0.10.3 and earlier allows authenticated tenant users to inject arbitrary labels into system namespaces kube-system, default, capsule-system, bypassing multi-tenant isolation...

9CVSS7.5AI score0.00437EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/08/20 12:0 a.m.6 views

PT-2024-28629 · Capsule · Capsule

Name of the Vulnerable Software and Affected Versions: Capsule versions 0.7.0 and earlier Description: The issue allows a tenant-owner to patch any arbitrary namespace that has not been taken over by a tenant, thereby gaining control of that namespace. This is possible because namespaces without...

8.8CVSS7.4AI score0.0051EPSS
Exploits1References12
OSV
OSV
added 2023/09/24 1:15 a.m.7 views

CVE-2023-1260

An authentication bypass vulnerability was discovered in kube-apiserver. This issue could allow a remote, authenticated attacker who has been given permissions "update, patch" the "pods/ephemeralcontainers" subresource beyond what the default is. They would then need to create a new pod or patch...

8CVSS5.8AI score0.01569EPSS
Exploits0References9
RedHat Linux
RedHat Linux
added 2023/09/06 1:21 a.m.5 views

kube-apiserver: PrivEsc

An authentication bypass vulnerability was discovered in kube-apiserver. This issue could allow a remote, authenticated attacker who has been given permissions "update, patch" the "pods/ephemeralcontainers" subresource beyond what the default is. They would then need to create a new pod or patch...

8CVSS5.8AI score0.01569EPSS
Exploits0References5
Rows per page
Query Builder