Home > Vulnerability Database > CVE-2025-55205

Mend.io Vulnerability Database

CVE-2025-55205

Good to know:

Date: August 18, 2025

Capsule is a multi-tenancy and policy-based framework for Kubernetes. A namespace label injection vulnerability in Capsule v0.10.3 and earlier allows authenticated tenant users to inject arbitrary labels into system namespaces (kube-system, default, capsule-system), bypassing multi-tenant isolation and potentially accessing cross-tenant resources through TenantResource selectors. This vulnerability enables privilege escalation and violates the fundamental security boundaries that Capsule is designed to enforce. This vulnerability is fixed in 0.10.4.

Severity Score

9.0

Related Resources (6)

Url: https://pkg.go.dev/vuln/GO-2025-3893

Url: https://nvd.nist.gov/vuln/detail/CVE-2025-55205

Url: https://github.com/projectcapsule/capsule

Url: https://github.com/projectcapsule/capsule/commit/e1f47feade6e1695b2204407607d07c3b3994f6e

Url: https://github.com/projectcapsule/capsule/security/advisories/GHSA-fcpm-6mxq-m5vv

Url: https://www.mend.io/vulnerability-database/CVE-2025-55205

Severity Score

9.0

Weakness Type (CWE)

Incorrect Authorization

CWE-863

Top Fix

Upgrade Version

Upgrade to version github.com/projectcapsule/capsule - v0.10.4;https://github.com/projectcapsule/capsule.git - v0.10.4

Learn More

CVSS v3.1

Base Score:	9.0
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	LOW
User Interaction (UI):	REQUIRED
Scope (S):	CHANGED
Confidentiality (C):	HIGH
Integrity (I):	HIGH
Availability (A):	HIGH

Mend.io Vulnerability Database

We found results for “”

CVE-2025-55205

Good to know:

Date: August 18, 2025

Severity Score

Related Resources (6)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?