{"id":"GO-2022-1135","summary":"Capsule vulnerable to privilege escalation by ServiceAccount deployed in a Tenant Namespace in github.com/clastix/capsule","details":"Capsule vulnerable to privilege escalation by ServiceAccount deployed in a Tenant Namespace in github.com/clastix/capsule","aliases":["CVE-2022-46167","GHSA-x45c-cvp8-q4fm"],"modified":"2026-03-17T04:29:15.002782Z","published":"2024-08-21T16:03:26Z","database_specific":{"review_status":"UNREVIEWED","url":"https://pkg.go.dev/vuln/GO-2022-1135"},"references":[{"type":"ADVISORY","url":"https://github.com/clastix/capsule/security/advisories/GHSA-x45c-cvp8-q4fm"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-46167"},{"type":"FIX","url":"https://github.com/clastix/capsule/commit/1df430e71be8c4778c82eca3459978ad7d0b4b7b"},{"type":"FIX","url":"https://github.com/clastix/capsule/commit/75525ac19254b0c5111e34d7985e2be7bc8b1ac1"},{"type":"WEB","url":"https://github.com/clastix/capsule/releases/tag/v0.1.3"}],"affected":[{"package":{"name":"github.com/clastix/capsule","ecosystem":"Go","purl":"pkg:golang/github.com/clastix/capsule"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"},{"fixed":"0.1.3"}]}],"ecosystem_specific":{},"database_specific":{"source":"https://vuln.go.dev/ID/GO-2022-1135.json"}}],"schema_version":"1.7.5"}