Go modules package
github.com/clastix/capsule-proxy
pkg:golang/github.com/clastix/capsule-proxy
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-48312 | — | < 0.4.6 | 0.4.6 | Nov 24, 2023 | capsule-proxy is a reverse proxy for the capsule operator project. Affected versions are subject to a privilege escalation vulnerability which is based on a missing check if the user is authenticated based on the `TokenReview` result. All the clusters running with the `anonymous- | ||
| CVE-2022-23652 | — | < 0.2.1 | 0.2.1 | Feb 22, 2022 | capsule-proxy is a reverse proxy for Capsule Operator which provides multi-tenancy in Kubernetes. In versions prior to 0.2.1 an attacker with a proper authentication mechanism may use a malicious `Connection` header to start a privilege escalation attack towards the Kubernetes AP |
- CVE-2023-48312Nov 24, 2023affected < 0.4.6fixed 0.4.6
capsule-proxy is a reverse proxy for the capsule operator project. Affected versions are subject to a privilege escalation vulnerability which is based on a missing check if the user is authenticated based on the `TokenReview` result. All the clusters running with the `anonymous-
- CVE-2022-23652Feb 22, 2022affected < 0.2.1fixed 0.2.1
capsule-proxy is a reverse proxy for Capsule Operator which provides multi-tenancy in Kubernetes. In versions prior to 0.2.1 an attacker with a proper authentication mechanism may use a malicious `Connection` header to start a privilege escalation attack towards the Kubernetes AP