CVE-2023-48312
CVE-2023-48312 affects capsule-proxy (capsule operator project). A privilege-escalation vulnerability arises from a missing check on user authentication based on TokenReview, enabling bypass of the token review mechanism on Kubernetes API servers where anonymous-auth is disabled. Impact: unauthor...