Skip to main content
Press slash or control plus K to focus the search. Use the arrow keys to navigate results and press enter to open a threat.
Reconnecting to live updates…

GHSA-398h-7f66-3h4p: open-feature-operator: Cross-namespace FeatureFlagSource and InProcessConfiguration resolution exposes spec contents on multi-tenant clusters

0
Medium
Published: 07/15/2026 (07/15/2026, 22:44:48 UTC)
Source: GCVE Database
Product: github.com/open-feature/open-feature-operator

Description

The open-feature-operator allows cross-namespace referencing of FeatureFlagSource and InProcessConfiguration resources via a documented annotation syntax. On multi-tenant Kubernetes clusters that treat namespaces as trust boundaries, this can lead to tenant-to-tenant disclosure of sensitive spec contents such as inline environment variables, bearer tokens, and sync URIs. This behavior is intentional and documented, with the operator having cluster-wide RBAC scope. The vulnerability does not affect single-tenant clusters. Mitigations include avoiding plaintext secrets in CR spec fields and restricting create permissions via RBAC. A future release plans to remove implicit cross-namespace resolution by introducing cluster-scoped CRDs.

CVSS v3.1

Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
None
Availability
None
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Affected software

Goghsa
github.com/open-feature/open-feature-operator
Affected versions
<=0.9.2

Run on your own infrastructure? Check whether these packages are installed with threat-finder — our free open-source scanner.

AI-Powered Analysis

Machine-generated threat intelligence

AILast updated: 07/16/2026, 10:49:10 UTC

Technical Analysis

The open-feature-operator supports referencing namespaced FeatureFlagSource or InProcessConfiguration resources across namespaces using the documented {NAMESPACE}/{NAME} annotation syntax. The operator resolves these references cluster-wide and injects their spec contents (including env vars, flagd sidecar arguments like httpSyncBearerToken, sync URIs, and supporting ConfigMaps) into workloads. In multi-tenant clusters that use namespaces as trust boundaries, a tenant with permission to deploy controller-owned workloads in their namespace can cause the operator to read and disclose another tenant's FeatureFlagSource or InProcessConfiguration spec contents. This includes inline environment variable values and bearer tokens placed directly in the CR spec. The operator's cluster-wide RBAC scope and cross-namespace resolution are intentional and documented; namespace trust boundaries are not part of its current security model. The vulnerability does not allow cross-namespace disclosure of secretKeyRef or configMapKeyRef values, as those are resolved locally by the kubelet. The prerequisite for exploitation is create permission on workload controllers in the attacker's namespace, not on FeatureFlagSource resources. The advisory recommends treating FeatureFlagSource and InProcessConfiguration spec contents as readable by anyone with read access and avoiding plaintext secrets in these specs. A future breaking change will introduce explicit cluster-scoped CRDs and remove implicit cross-namespace resolution to address this architectural issue.

Potential Impact

On multi-tenant Kubernetes clusters that treat namespaces as trust boundaries, this vulnerability allows a tenant to disclose sensitive data from another tenant's FeatureFlagSource or InProcessConfiguration resource specs. This includes inline environment variable values, httpSyncBearerToken, and sync URIs embedded in the CR spec. Single-tenant clusters are not impacted. The vulnerability does not affect secretKeyRef or configMapKeyRef cross-namespace disclosure. There is no impact on integrity or availability, only confidentiality of spec data is affected.

Mitigation Recommendations

No official patch or fix is currently available. Users should treat FeatureFlagSource and InProcessConfiguration spec contents as readable by anyone with read access and avoid placing plaintext secrets in these spec fields. Use valueFrom.secretKeyRef for sensitive environment variables instead of inline values, as kubelet enforces same-namespace resolution for secrets. Restrict create permissions on featureflagsources and inprocessconfigurations via RBAC where feasible, especially in multi-tenant environments that treat namespaces as trust boundaries. Monitor the project's roadmap for upcoming breaking changes introducing cluster-scoped CRDs that will remove implicit cross-namespace resolution.

Pro Console: star threats, build custom feeds, automate alerts via Slack, email & webhooks.Upgrade to Pro

Technical Details

Gcve Source
db.gcve.eu
Osv Id
GHSA-398h-7f66-3h4p
Osv Schema Version
1.4.0
Aliases
["CVE-2026-54495"]
Ecosystems
["Go"]
Database Specific Severity
MODERATE
Cvss Version
3.1

Threat ID: 6a58b40468715ace43d67079

Added to database: 07/16/2026, 10:35:48 UTC

Last enriched: 07/16/2026, 10:49:10 UTC

Last updated: 07/17/2026, 03:34:54 UTC

Views: 6

Community Reviews

0 reviews

Crowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.

Sort by
Loading community insights…

Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.

Actions

PRO

Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.

Please log in to the Console to use AI analysis features.

Need more coverage?

Upgrade to Pro Console for AI refresh and higher limits.

For incident response and remediation, OffSeq services can help resolve threats faster.

Latest Threats

Breach by OffSeqOFFSEQFRIENDS — 25% OFF

Check if your credentials are on the dark web

Instant breach scanning across billions of leaked records. Free tier available.

Scan now
OffSeq TrainingCredly Certified

Lead Pen Test Professional

Technical5-day eLearningPECB Accredited
View courses