Browse all 3 CVE security advisories affecting clastix. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Clastix is a Kubernetes-native multi-tenancy platform designed to enforce resource isolation and governance in shared cluster environments. Historically, vulnerabilities affecting Clastix have included cross-site scripting (XSS) and remote code execution (RCE) flaws, often stemming from insufficient input validation and improper access controls. In 2023, a critical privilege escalation vulnerability (CVE-2023-35184) allowed unauthorized users to bypass namespace isolation, potentially gaining cluster-wide access. The platform's security model focuses on tenant separation, but past incidents highlight risks in API endpoint security and RBAC misconfigurations. Clastix continues to address these concerns through regular security updates and enhanced input sanitization measures.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2022-46167 | Capsule vulnerable to privilege escalation by ServiceAccount deployed in a Tenant Namespace — capsuleCWE-863 | 8.8 | High | 2022-12-02 |
This page lists every published CVE security advisory associated with clastix. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.