github.com/open-feature/open-feature-operator is vulnerable to Privilege Escalation. The vulnerability exists due to lack of restrictions configured on open-feature-operator-controller-manager
which allows a malicious attacker to gain access and read cluster data including secrets.
CPE | Name | Operator | Version |
---|---|---|---|
github.com/open-feature/open-feature-operator | le | v0.2.31 | |
github.com/open-feature/open-feature-operator | le | v0.2.31 |
github.com/advisories/GHSA-cwf6-xj49-wp83
github.com/open-feature/open-feature-operator/commit/6f1f93c98c7b8fbee534cc7db63fc396fa5b73c7
github.com/open-feature/open-feature-operator/pull/436
github.com/open-feature/open-feature-operator/releases/tag/v0.2.32
github.com/open-feature/open-feature-operator/security/advisories/GHSA-cwf6-xj49-wp83