Istio Security Assessment
may allow excessive write access within a namespace. If, in the future, a privilege escalation vector is identified for any of the Kubernetes API Groups, escape from a specific namespace is possible server-side request forgery vulnerability. In the case of the latter, this could enable a denial of service vector by sending a request to the POST /quitquitquit endpoint that causes the process to exit. "admin":
0 points | 51 pages | 849.66 KB | 1 year ago
Istio audit report - ADA Logics - 2023-01-30 - v1.0
instead be reading the body. As such, the MaxBytesHandler introduces an HTTP request smuggling attack vector. The issue was disclosed to the Golang security team who fixed the vulnerability and assigned it
0 points | 55 pages | 703.94 KB | 1 year ago
2 results in total