A critical security vulnerability has been identified in Kubernetes Capsule v0.10.3 and earlier versions, allowing authenticated tenant users to inject arbitrary labels into system namespaces and bypass multi-tenant isolation controls. The vulnerability, tracked as GHSA-fcpm-6mxq-m5vv, was disclosed by security researcher Oliverbaehler and represents a significant threat to organizations relying on Capsule for Kubernetes multi-tenancy. Key […]
The post Critical Namespace Injection Vulnerability in Kubernetes Capsule Let Attackers Inject Arbitrary Labels appeared first on Cyber Security News.
This article has been indexed from Cyber Security News
Read the original article: