GHSA-3r8v-2xmj-5c39: Fission: Cross-namespace Package read via unvalidated PackageRef in Function admission webhook
A vulnerability in Fission prior to version 1.24.0 allows a function author in one namespace to read the deployment archive, including source code and embedded secrets, of any Package in any other namespace. This occurs because the admission webhook did not validate the PackageRef.Namespace field, allowing cross-namespace Package references. The issue is fixed in version 1.24.0 by enforcing namespace validation in the admission webhook.
AI Analysis
Technical Summary
Fission Functions specify references to Secrets, ConfigMaps, and Packages. While Secret and ConfigMap references were namespace-validated by the admission webhook, PackageRef.Namespace was not. This allowed a tenant with create permissions in their namespace to specify a PackageRef.Namespace from any other namespace. When the function is invoked, the fetcher sidecar uses the fission-fetcher service account, which has namespace-wide get permissions on Packages, to read the victim Package and expose its contents inside the attacker's pod. The vulnerability enables unauthorized cross-namespace reading of Package deployment archives, potentially exposing source code and embedded credentials. The issue was fixed in pull request #3389 and released in Fission v1.24.0 by rejecting Functions with PackageRef.Namespace not matching the Function's namespace.
Potential Impact
An attacker with function creation rights in one namespace can read the deployment archives of Packages in other namespaces. This leads to unauthorized disclosure of source code and any embedded secrets contained within those Packages. The vulnerability breaks namespace isolation for Package references in Fission, potentially exposing sensitive information across tenant boundaries.
Mitigation Recommendations
Upgrade to Fission version 1.24.0 or later, where the admission webhook enforces that Function.spec.package.packageref.namespace must match the Function's namespace. Functions that specify a different namespace for PackageRef are rejected at admission, preventing cross-namespace Package reads. Patch status: fixed in v1.24.0.
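The admission check the advisory describes, written out as an added example (not Fission's own code from pull request #3389): every referenced Secret, ConfigMap and Package must sit in the Function's own namespace, and the pre-1.24.0 gap was that the Package reference was left out. The `Ref` and `Function` types below are simplified, constructed stand-ins for the real CRD fields.

```go
package main

import "fmt"

// Simplified stand-ins for the Fission Function fields named in the advisory
// (constructed for this example, not Fission's own API types).
type Ref struct {
	Name      string
	Namespace string
}

type Function struct {
	Namespace  string // metadata.namespace of the Function
	PackageRef Ref    // spec.package.packageref
	Secrets    []Ref  // spec.secrets
	ConfigMaps []Ref  // spec.configmaps
}

type namedRef struct {
	kind string
	ref  Ref
}

// ValidateRefNamespaces mirrors the admission rule the advisory describes:
// every referenced Secret, ConfigMap and Package must live in the Function's
// own namespace. Before v1.24.0 PackageRef was missing from this check.
// An empty ref namespace is treated as "same namespace as the Function".
func ValidateRefNamespaces(fn Function) error {
	refs := []namedRef{{"package", fn.PackageRef}}
	for _, s := range fn.Secrets {
		refs = append(refs, namedRef{"secret", s})
	}
	for _, c := range fn.ConfigMaps {
		refs = append(refs, namedRef{"configmap", c})
	}
	for _, r := range refs {
		if r.ref.Namespace != "" && r.ref.Namespace != fn.Namespace {
			return fmt.Errorf("%s %q: namespace %q does not match Function namespace %q",
				r.kind, r.ref.Name, r.ref.Namespace, fn.Namespace)
		}
	}
	return nil
}

func main() {
	// Constructed sample: a Function in tenant-a pointing at a Package in tenant-b.
	fn := Function{Namespace: "tenant-a", PackageRef: Ref{Name: "victim-pkg", Namespace: "tenant-b"}}
	fmt.Println(ValidateRefNamespaces(fn)) // non-nil: rejected at admission
}
```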
Technical Details
- Gcve Source: db.gcve.eu
- Osv Id: GHSA-3r8v-2xmj-5c39
- Osv Schema Version: 1.4.0
- Aliases: CVE-2026-49823
- Ecosystems: Go
- Database Specific Severity: HIGH
- Cvss Version: 3.1
Threat ID: 6a4452e927e9c797198e1a74
Added to database: 06/30/2026, 23:36:09 UTC
Last enriched: 06/30/2026, 23:51:39 UTC
Last updated: 06/30/2026, 23:51:39 UTC