Capsule TenantResource RawItems Cluster-Scoped Resource Creation Vulnerability

TenantResource RawItems Cluster-Scoped Resource Creation Vulnerability Summary The Capsule Controller runs with cluster-admin privileges. Although the TenantResource RawItems processing logic forcibly sets the namespace, this is ineffective for cluster-scoped resources. Tenant administrators can...

PT-2026-44721

Name of the Vulnerable Software and Affected Versions Capsule versions prior to 0.13.0 Description The Capsule Controller runs with cluster-admin privileges. A flaw exists in the HandleSection function within the internal/controllers/resources/processor.go file, where the processing logic for...