Package impact
Go / github.com/projectcapsule/capsule
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-22872 | critical | 9.1 | 9.1 | 6d ago | Capsule is a multi-tenancy and policy-based framework for Kubernetes. The Capsule Controller runs with cluster-admin privileges. Although the TenantResource RawItems processing logic forcibly sets th… | |||
| CVE-2026-30963 | low | 2.7 | 2.7 | 6d ago | Capsule is a multi-tenancy and policy-based framework for Kubernetes. To defend against namespace hijacking achieved through update/patch operations on namespaces, Capsule uses a webhook to validate … | |||
| CVE-2025-55205 | unknown | — | — | 10mo ago | Capsule tenant owners with "patch namespace" permission can hijack system namespaces label in github.com/projectcapsule/capsule | |||
| CVE-2024-39690 | unknown | — | — | 2y ago | Capsule tenant owner with "patch namespace" permission can hijack system namespaces in github.com/projectcapsule/capsule | |||
| CVE-2023-46254 | unknown | — | — | 3y ago | capsule-proxy service discloses Namespaces of colliding tenants to owners of different tenants with the same ServiceAccount name |