github.com/projectcapsule/capsule

Go3 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting github.com/projectcapsule/capsulepage 1 of 1

CVE-2023-46254MEDIUMCVSS 4.3EG 4.3✓ Fixed in 0.4.5
2023-11-06
capsule-proxy is a reverse proxy for Capsule kubernetes multi-tenancy framework. A bug in the RoleBinding reflector used by `capsule-proxy` gives ServiceAccount tenant owners the right to list Namespaces of other tenants backed by the same…
CVE-2024-39690HIGHCVSS 8.4EG 8.4
2024-08-20
Capsule is a multi-tenancy and policy-based framework for Kubernetes. In Capsule v0.7.0 and earlier, the tenant-owner can patch any arbitrary namespace that has not been taken over by a tenant (i.e., namespaces without the ownerReference f…
CVE-2025-55205CRITICALCVSS 9.0EG 9.0✓ Fixed in 0.10.4
2025-08-18
Capsule is a multi-tenancy and policy-based framework for Kubernetes. A namespace label injection vulnerability in Capsule v0.10.3 and earlier allows authenticated tenant users to inject arbitrary labels into system namespaces (kube-system…

Check whether github.com/projectcapsule/capsule is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for github.com/projectcapsule/capsule CVEs against the assets you own.

Start Free Scan →