CVE-2024-39690

Capsule is a multi-tenancy and policy-based framework for Kubernetes. In Capsule v0.7.0 and earlier, the tenant-owner can patch any arbitrary namespace that has not been taken over by a tenant (i.e., namespaces without the ownerReference field), thereby gaining control of that namespace. Version 0.7.1 contains a patch.

Published: Aug 20, 2024
Updated: Aug 15, 2025
CVE: CVE-2024-39690
GHSA: GHSA-mq69-4j5w-3qwp
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 8.8
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWEs:

CWE-863

Affected Software
References

Software	From	Fixed in
github.com/projectcapsule/capsule	-	0.7.0.x
projectcapsule / capsule	-	0.7.0.x

https://github.com/projectcapsule/capsule/commit/d620b0457ddec01616b8eab8512a10611611f584
https://github.com/projectcapsule/capsule/security/advisories/GHSA-mq69-4j5w-3qwp

Vulnerability Database

CVE-2024-39690

Deep Security Visibility Without the Complexity