Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
ClastixCapsule-proxy

3 matches found

CVE
CVEadded 2022/02/22 8:15 p.m.719 views

CVE-2022-23652

capsule-proxy is a reverse proxy for Capsule Operator which provides multi-tenancy in Kubernetes. In versions prior to 0.2.1 an attacker with a proper authentication mechanism may use a malicious Connection header to start a privilege escalation attack towards the Kubernetes API Server. This vulner...

8.8CVSS8.8AI score0.00366EPSS
CVE
CVEadded 2023/11/06 7:15 p.m.37 views

CVE-2023-46254

capsule-proxy is a reverse proxy for Capsule kubernetes multi-tenancy framework. A bug in the RoleBinding reflector used by capsule-proxy gives ServiceAccount tenant owners the right to list Namespaces of other tenants backed by the same owner kind and name. For example consider two tenants solar a...

4.3CVSS4.6AI score0.00233EPSS
CVE
CVEadded 2023/11/24 6:15 p.m.37 views

CVE-2023-48312

capsule-proxy is a reverse proxy for the capsule operator project. Affected versions are subject to a privilege escalation vulnerability which is based on a missing check if the user is authenticated based on the TokenReview result. All the clusters running with the anonymous-auth Kubernetes API Se...

9.8CVSS9.5AI score0.00065EPSS