github.com/kubernetes/kubernetes is vulnerable to unauthorised access to the resources. API server allows a user with access privilege to the custom resources in one namespace to create, view update or delete the cluster-scoped resources.
access.redhat.com/errata/RHBA-2019:2816
access.redhat.com/errata/RHBA-2019:2824
access.redhat.com/errata/RHSA-2019:2690
access.redhat.com/errata/RHSA-2019:2769
github.com/kubernetes/kubernetes/blob/master/CHANGELOG-1.13.md#v1139
github.com/kubernetes/kubernetes/blob/master/CHANGELOG-1.14.md#v1145
github.com/kubernetes/kubernetes/blob/master/CHANGELOG-1.15.md#v1152
github.com/kubernetes/kubernetes/commit/9d3c8b36d992cdbea00040f2c31d39f46e4c4219
github.com/kubernetes/kubernetes/issues/80983
groups.google.com/d/msg/kubernetes-security-announce/vUtEcSEY6SM/v2ZZxsmtFQAJ
security.netapp.com/advisory/ntap-20190919-0003/