Количество 2
Количество 2
CVE-2024-39690
Capsule is a multi-tenancy and policy-based framework for Kubernetes. In Capsule v0.7.0 and earlier, the tenant-owner can patch any arbitrary namespace that has not been taken over by a tenant (i.e., namespaces without the ownerReference field), thereby gaining control of that namespace. Version 0.7.1 contains a patch.
GHSA-mq69-4j5w-3qwp
Capsule tenant owner with "patch namespace" permission can hijack system namespaces
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-39690 Capsule is a multi-tenancy and policy-based framework for Kubernetes. In Capsule v0.7.0 and earlier, the tenant-owner can patch any arbitrary namespace that has not been taken over by a tenant (i.e., namespaces without the ownerReference field), thereby gaining control of that namespace. Version 0.7.1 contains a patch. | CVSS3: 8.4 | 0% Низкий | больше 1 года назад |
| GHSA-mq69-4j5w-3qwp Capsule tenant owner with "patch namespace" permission can hijack system namespaces | CVSS3: 8.4 | 0% Низкий | больше 1 года назад |
Уязвимостей на страницу