github.com/spidernet-io/spiderpool is vulnerable to Incorrect access control. The vulnerability is due to improper clusterRole configurations, which allows a local attackers to execute arbitrary code by using crafted commands to access token components, potentially compromising the entire Kubernetes cluster.
CPE | Name | Operator | Version |
---|---|---|---|
github.com/spidernet-io/spiderpool | le | v0.9.3 | |
github.com/spidernet-io/spiderpool | le | v0.9.3 |