We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.
Please see our statement on Data Privacy.
A vulnerability has been identified when granting a create or * global role for a resource type of "namespaces"; no matter the API group, the subject will receive * permissions for core namespaces. This can lead to someone being capable of accessing, creating, updating, or deleting a namespace in the project.
Reserved 2023-05-04 | Published 2024-10-16 | Updated 2024-10-16 | Assigner suseCWE-269 Improper Privilege Management
bugzilla.suse.com/show_bug.cgi?id=CVE-2023-32194
github.com/...ancher/security/advisories/GHSA-c85r-fwc7-45vc
Support options