CVE-2022-0270
CVE-2022-0270 affects bored-agent before v0.6.1. Root cause: failure to sanitize incoming Kubernetes impersonation headers, allowing a user to override the assigned username and groups. Impact: credential/user identity spoofing with high severity (CVSSv3.1 base 8.8; confidentiality, integrity, an...