PT-2023-22620 · Unknown · Grc-Policy-Propagator

Borja Tarraso · Published 2023-06-05 · Updated 2025-01-08 · CVE-2023-3027

CVSS v3.1: 7.8 High
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: grc-policy-propagator (affected versions not specified)

Description: The issue allows security escalation within the cluster. It is related to policies that contain dynamically obtained values, which can take advantage of cluster-scoped access in a created policy. This feature does not properly restrict lookup content to the namespace where the policy was created.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration

Incorrect Authorization

Improper Privilege Management

Related Identifiers

CVE-2023-3027

Affected Products

Grc-Policy-Propagator