Capsule is a multi-tenancy and policy-based framework for Kubernetes. In Capsule v0.7.0 and earlier, the tenant-owner can patch any arbitrary namespace that has not been taken over by a tenant (i.e., namespaces without the ownerReference field), thereby gaining control of that namespace.
References
Configurations
History
21 Aug 2024, 16:01
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-08-20 15:15
Updated : 2024-08-21 16:01
NVD link : CVE-2024-39690
Mitre link : CVE-2024-39690
CVE.ORG link : CVE-2024-39690
JSON object : View
Products Affected
projectcapsule
- capsule
CWE
CWE-863
Incorrect Authorization