3 matches found
CVE-2024-39690
Summary: CVE-2024-39690 affects Capsule (Kubernetes multi-tenant framework) and describes an authorization bypass where a tenant-owner with the ability to patch a namespace can hijack system namespaces (kube-system, default, capsule-system) if the namespace has not been taken over by a tenant. In...
CVE-2026-22872
CVE-2026-22872 affects Capsule, a Kubernetes multi-tenant framework. The Capsule Controller runs with cluster-admin privileges. The vulnerability lies in TenantResource RawItems processing: the code sets the namespace on deserialized objects, but this is ignored for cluster-scoped resources, allo...
CVE-2026-30963
Capsule (a Kubernetes multi-tenancy framework) relied on a webhook to validate namespace updates, but prior to v0.13.0 it did not intercept namespace/status or namespace/finalize subresource changes. This omission enables a tenant with permission to modify those subresources to hijack other names...