Lucene search
K

8 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-25141

Malicious code in bioql PyPI...

9CVSS6.3AI score0.00437EPSS
Exploits0References4
Veracode
Veracode
added 2025/09/09 7:48 a.m.5 views

Namespace Label Injection

github.com/projectcapsule/capsule is vulnerable to namespace label injection. The vulnerability is due to improper validation of labels in system namespaces, which allows an attacker to inject arbitrary labels, bypass multi-tenant isolation, and escalate privileges to access cross-tenant resource...

9CVSS7.1AI score0.00437EPSS
Exploits0References4Affected Software1
RedhatCVE
RedhatCVE
added 2025/08/20 5:33 p.m.17 views

CVE-2025-55205

Capsule is a multi-tenancy and policy-based framework for Kubernetes. A namespace label injection vulnerability in Capsule v0.10.3 and earlier allows authenticated tenant users to inject arbitrary labels into system namespaces kube-system, default, capsule-system, bypassing multi-tenant isolation...

9CVSS6.7AI score0.00437EPSS
Exploits0References1
NVD
NVD
added 2025/08/18 5:15 p.m.5 views

CVE-2025-55205

Capsule is a multi-tenancy and policy-based framework for Kubernetes. A namespace label injection vulnerability in Capsule v0.10.3 and earlier allows authenticated tenant users to inject arbitrary labels into system namespaces kube-system, default, capsule-system, bypassing multi-tenant isolation...

9CVSS0.00437EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/08/18 4:28 p.m.3 views

CVE-2025-55205 Capsule tenant owners with "patch namespace" permission can hijack system namespaces label

Capsule is a multi-tenancy and policy-based framework for Kubernetes. A namespace label injection vulnerability in Capsule v0.10.3 and earlier allows authenticated tenant users to inject arbitrary labels into system namespaces kube-system, default, capsule-system, bypassing multi-tenant isolation...

9CVSS7.5AI score0.00437EPSS
Exploits0References2
CVE
CVE
added 2025/08/18 4:28 p.m.31 views

CVE-2025-55205

CVE-2025-55205 concerns Capsule (Kubernetes multi-tenant framework). Affected: Capsule v0.10.3 and earlier; fixed in v0.10.4. Vulnerability: authenticated tenant users can inject arbitrary labels into system namespaces (e.g., kube-system, default, capsule-system) via namespace labeling, bypassing...

9CVSS7AI score0.00437EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/08/18 12:0 a.m.7 views

Capsule 安全漏洞

Capsule is a multi-tenant and policy-based framework for Kubernetes open-sourced by Project Capsule. A security vulnerability exists in Capsule 0.10.3 and earlier versions that stems from a namespace label injection vulnerability that could lead to elevation of privilege and cross-tenant resource...

9CVSS7.3AI score0.00437EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/08/18 12:0 a.m.3 views

PT-2025-33668

Name of the Vulnerable Software and Affected Versions: Capsule versions prior to 0.10.4 Description: Capsule is a multi-tenancy and policy-based framework for Kubernetes. A namespace label injection issue in earlier versions allows authenticated tenant users to inject arbitrary labels into system...

9CVSS6.9AI score0.00437EPSS
Exploits0References18
Rows per page
Query Builder