3 matches found
CVE-2022-46167
Capsule is a multi-tenancy and policy-based framework for Kubernetes. Prior to version 0.1.3, a ServiceAccount deployed in a Tenant Namespace, when granted with PATCH capabilities on its own Namespace, is able to edit it and remove the Owner Reference, breaking the reconciliation of the Capsule...
CVE-2022-46167 Capsule vulnerable to privilege escalation by ServiceAccount deployed in a Tenant Namespace
Capsule is a multi-tenancy and policy-based framework for Kubernetes. Prior to version 0.1.3, a ServiceAccount deployed in a Tenant Namespace, when granted with PATCH capabilities on its own Namespace, is able to edit it and remove the Owner Reference, breaking the reconciliation of the Capsule...
CVE-2022-46167
CVE-2022-46167 affects Capsule (Kubernetes multi-tenant/policy framework). Before v0.1.3, a ServiceAccount in a Tenant Namespace granted PATCH on its own Namespace can edit/delete the OwnerReference, breaking Capsule Operator reconciliation and removing Pod Security annotations, Network Policies,...