github.com/kubernetes/kubernetes is vulnerable to authorization bypass. The library contains a bug that allows a malicious user to access any PodSecurityPolicy
object. This exploit only works if the PodSecurityPolicy Admission Plugin and PodSecurityPolicy API is enabled.
CPE | Name | Operator | Version |
---|---|---|---|
github.com/kubernetes/kubernetes | eq | HEAD | |
github.com/kubernetes/kubernetes | le | 1.5.4 |