33 matches found
EUVD-2023-2961
Malicious code in bioql PyPI...
EUVD-2022-0936
Malicious code in bioql PyPI...
CVE-2022-23652
capsule-proxy is a reverse proxy for Capsule Operator which provides multi-tenancy in Kubernetes. In versions prior to 0.2.1 an attacker with a proper authentication mechanism may use a malicious Connection header to start a privilege escalation attack towards the Kubernetes API Server. This...
GO-2022-0329 Improper Authentication in Capsule Proxy in github.com/clastix/capsule-proxy
Improper Authentication in Capsule Proxy in github.com/clastix/capsule-proxy...
GO-2023-2351 Capsule Proxy Authentication bypass using an empty token in github.com/projectcapsule/capsule-proxy
Capsule Proxy Authentication bypass using an empty token in github.com/projectcapsule/capsule-proxy...
CVE-2023-48312
capsule-proxy is a reverse proxy for the capsule operator project. Affected versions are subject to a privilege escalation vulnerability which is based on a missing check if the user is authenticated based on the TokenReview result. All the clusters running with the anonymous-auth Kubernetes API...
Privilege escalation
capsule-proxy is a reverse proxy for the capsule operator project. Affected versions are subject to a privilege escalation vulnerability which is based on a missing check if the user is authenticated based on the TokenReview result. All the clusters running with the anonymous-auth Kubernetes API...
CVE-2023-48312 Authentication bypass using an empty token in capsule-proxy
capsule-proxy is a reverse proxy for the capsule operator project. Affected versions are subject to a privilege escalation vulnerability which is based on a missing check if the user is authenticated based on the TokenReview result. All the clusters running with the anonymous-auth Kubernetes API...
CVE-2023-48312 Authentication bypass using an empty token in capsule-proxy
capsule-proxy is a reverse proxy for the capsule operator project. Affected versions are subject to a privilege escalation vulnerability which is based on a missing check if the user is authenticated based on the TokenReview result. All the clusters running with the anonymous-auth Kubernetes API...
CVE-2023-48312
CVE-2023-48312 affects capsule-proxy (capsule operator project). A privilege-escalation vulnerability arises from a missing check on user authentication based on TokenReview, enabling bypass of the token review mechanism on Kubernetes API servers where anonymous-auth is disabled. Impact: unauthor...
GHSA-FPVW-6M5V-HQFP Capsule Proxy Authentication bypass using an empty token
The privilege escalation is based on a missing check if the user is authenticated based on the TokenReview result. All the clusters running with the anonymous-auth Kubernetes API Server setting disable set to false are affected since it would be possible to bypass the token review mechanism,...
Capsule Proxy Authentication bypass using an empty token
The privilege escalation is based on a missing check if the user is authenticated based on the TokenReview result. All the clusters running with the anonymous-auth Kubernetes API Server setting disable set to false are affected since it would be possible to bypass the token review mechanism,...
capsule-proxy Authorization Issues Vulnerability
capsule-proxy is allowed to overcome the limitations of the Kubernetes API Server in listing the cluster-wide resources it owns, such as Namespace, Ingress and Storage Classes, Nodes, and other resources covered by Capsule. An authorization issue vulnerability exists in capsule-proxy version 0.4....
PT-2023-30775 · Unknown · Capsule-Proxy
Name of the Vulnerable Software and Affected Versions: capsule-proxy versions prior to 0.4.6 Description: The issue is a privilege escalation vulnerability based on a missing check if the user is authenticated based on the TokenReview result. This affects clusters running with the anonymous-auth...
GHSA-6758-979H-249X capsule-proxy service discloses Namespaces of colliding tenants to owners of different tenants with the same ServiceAccount name
Summary A bug in the RoleBinding reflector used by capsule-proxy gives ServiceAccount tenant owners the right to list Namespaces of other tenants backed by the same owner kind and name. Details - Tenant solar, owned by a ServiceAccount named tenant-owner in the Namespace solar - Tenant wind, owne...
capsule-proxy service discloses Namespaces of colliding tenants to owners of different tenants with the same ServiceAccount name
Summary A bug in the RoleBinding reflector used by capsule-proxy gives ServiceAccount tenant owners the right to list Namespaces of other tenants backed by the same owner kind and name. Details - Tenant solar, owned by a ServiceAccount named tenant-owner in the Namespace solar - Tenant wind, owne...
CVE-2023-46254
capsule-proxy is a reverse proxy for Capsule kubernetes multi-tenancy framework. A bug in the RoleBinding reflector used by capsule-proxy gives ServiceAccount tenant owners the right to list Namespaces of other tenants backed by the same owner kind and name. For example consider two tenants solar...
Privilege escalation
capsule-proxy is a reverse proxy for Capsule kubernetes multi-tenancy framework. A bug in the RoleBinding reflector used by capsule-proxy gives ServiceAccount tenant owners the right to list Namespaces of other tenants backed by the same owner kind and name. For example consider two tenants solar...
CVE-2023-46254 Service accounts can see namespaces of other tenants in capsule-proxy
capsule-proxy is a reverse proxy for Capsule kubernetes multi-tenancy framework. A bug in the RoleBinding reflector used by capsule-proxy gives ServiceAccount tenant owners the right to list Namespaces of other tenants backed by the same owner kind and name. For example consider two tenants solar...
CVE-2023-46254 Service accounts can see namespaces of other tenants in capsule-proxy
capsule-proxy is a reverse proxy for Capsule kubernetes multi-tenancy framework. A bug in the RoleBinding reflector used by capsule-proxy gives ServiceAccount tenant owners the right to list Namespaces of other tenants backed by the same owner kind and name. For example consider two tenants solar...