Openshift allows remote malicious users to gain privileges by updating a build configuration that was created with an allowed type to a type that is not allowed.
An authorization flaw was discovered in Kubernetes; the API server did not properly check user permissions when handling certain build-configuration strategies A remote attacker could create build configurations with strategies that violate policy Although the attacker could not launch the build themselves (launch fails when the policy is violate ...