Go modules package
github.com/projectcapsule/capsule-proxy
pkg:golang/github.com/projectcapsule/capsule-proxy
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-48312 | — | < 0.4.6 | 0.4.6 | Nov 24, 2023 | capsule-proxy is a reverse proxy for the capsule operator project. Affected versions are subject to a privilege escalation vulnerability which is based on a missing check if the user is authenticated based on the `TokenReview` result. All the clusters running with the `anonymous- | ||
| CVE-2023-46254 | — | < 0.4.5 | 0.4.5 | Nov 6, 2023 | capsule-proxy is a reverse proxy for Capsule kubernetes multi-tenancy framework. A bug in the RoleBinding reflector used by `capsule-proxy` gives ServiceAccount tenant owners the right to list Namespaces of other tenants backed by the same owner kind and name. For example conside |
- CVE-2023-48312Nov 24, 2023affected < 0.4.6fixed 0.4.6
capsule-proxy is a reverse proxy for the capsule operator project. Affected versions are subject to a privilege escalation vulnerability which is based on a missing check if the user is authenticated based on the `TokenReview` result. All the clusters running with the `anonymous-
- CVE-2023-46254Nov 6, 2023affected < 0.4.5fixed 0.4.5
capsule-proxy is a reverse proxy for Capsule kubernetes multi-tenancy framework. A bug in the RoleBinding reflector used by `capsule-proxy` gives ServiceAccount tenant owners the right to list Namespaces of other tenants backed by the same owner kind and name. For example conside