Capsule tenant owners with "patch namespace" permission can hijack system namespaces label

Capsule is a multi-tenancy and policy-based framework for Kubernetes. A namespace label injection vulnerability in Capsule v0.10.3 and earlier allows authenticated tenant users to inject arbitrary labels into system namespaces (kube-system, default, capsule-system), bypassing multi-tenant isolation and potentially accessing cross-tenant resources through TenantResource selectors. This vulnerability enables privilege escalation and violates the fundamental security boundaries that Capsule is designed to enforce. This vulnerability is fixed in 0.10.4.

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H

授权机制不正确

Capsule 安全漏洞

Capsule是Project Capsule开源的一个 Kubernetes 的多租户和基于策略的框架。 Capsule 0.10.3及之前版本存在安全漏洞，该漏洞源于命名空间标签注入漏洞，可能导致权限提升和跨租户资源访问。

N/A

N/A