GHSA-vjhc-cf4p-72q4: Fission: Cross-namespace Environment reference in Package allows build-time command execution and SA token exfiltration
Fission's buildermgr controller failed to verify that the environment namespace referenced by a Package custom resource matched the Package's own namespace. This allowed an attacker with package creation rights in their own namespace to specify a different namespace for the environment, causing the controller to execute build commands in another tenant's namespace. Malicious build steps could exfiltrate the victim namespace's fission-builder service account token via build logs, enabling read access to all Secrets and ConfigMaps in that namespace. The issue was fixed in Fission v1.24.0 by enforcing namespace checks at both the admission webhook and controller levels.
AI Analysis
Technical Summary
A vulnerability in Fission's buildermgr controller allowed cross-namespace environment references in Package CRDs without verifying that the environment namespace matched the package's namespace. An attacker with create permissions on packages in their own namespace could specify an environment in another tenant's namespace, causing the controller to execute build commands in the victim namespace's builder pod. By embedding malicious code in build lifecycle hooks, the attacker could read the victim namespace's fission-builder service account token from the builder pod and exfiltrate it through the build log. This token could then be used to read all Secrets and ConfigMaps in the victim namespace, resulting in cross-tenant compromise. The vulnerability was addressed in pull request #3379 and released in version 1.24.0, which added admission webhook validation and controller-side checks to reject packages with mismatched environment namespaces.
Potential Impact
This vulnerability enables an attacker with package creation privileges in their own namespace to execute arbitrary code in another tenant's builder pod and exfiltrate that tenant's fission-builder service account token. The attacker can then use this token to read all Secrets and ConfigMaps in the victim namespace, leading to a complete compromise of sensitive configuration data within that namespace. This represents a high-severity cross-tenant privilege escalation and data exfiltration risk.
Mitigation Recommendations
A fix is available in Fission version 1.24.0. The update enforces that the Package.spec.environment.namespace must match the Package.metadata.namespace via an admission webhook and controller-level checks, preventing cross-namespace environment references. Users should upgrade to version 1.24.0 or later to remediate this vulnerability. No additional mitigations are required if the fix is applied.
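The namespace rule described above can also be used to audit Package objects that already exist in a cluster. The following is an added example, not Fission's own code: the type and function names are hypothetical, the sample list is constructed, and an empty spec.environment.namespace is assumed to mean "same namespace as the Package".

```go
package main

import (
	"encoding/json"
	"fmt"
)

// pkgList decodes only the two fields the advisory names:
// metadata.namespace and spec.environment.namespace (plus names for reporting).
type pkgList struct {
	Items []struct {
		Metadata struct{ Name, Namespace string } `json:"metadata"`
		Spec     struct {
			Environment struct{ Name, Namespace string } `json:"environment"`
		} `json:"spec"`
	} `json:"items"`
}

// Constructed sample: a JSON list of Package objects, trimmed to the relevant fields.
const samplePackages = `{"items":[
 {"metadata":{"name":"pkg-ok","namespace":"tenant-a"},
  "spec":{"environment":{"name":"python","namespace":"tenant-a"}}},
 {"metadata":{"name":"pkg-cross","namespace":"tenant-a"},
  "spec":{"environment":{"name":"python","namespace":"tenant-b"}}},
 {"metadata":{"name":"pkg-unset","namespace":"tenant-c"},
  "spec":{"environment":{"name":"node"}}}
]}`

// CrossNamespacePackages returns one "pkgNS/pkg -> envNS/env" entry for every
// Package whose environment namespace differs from its own namespace.
// Assumption: an empty environment namespace is not a cross-namespace reference.
func CrossNamespacePackages(listJSON []byte) ([]string, error) {
	var l pkgList
	if err := json.Unmarshal(listJSON, &l); err != nil {
		return nil, fmt.Errorf("decode package list: %w", err)
	}
	var hits []string
	for _, p := range l.Items {
		env := p.Spec.Environment
		if env.Namespace == "" || env.Namespace == p.Metadata.Namespace {
			continue
		}
		hits = append(hits, fmt.Sprintf("%s/%s -> %s/%s",
			p.Metadata.Namespace, p.Metadata.Name, env.Namespace, env.Name))
	}
	return hits, nil
}

func main() {
	hits, err := CrossNamespacePackages([]byte(samplePackages))
	if err != nil {
		fmt.Println("error:", err)
		return
	}
	for _, h := range hits {
		fmt.Println("cross-namespace environment reference:", h)
	}
}
```

Feeding it the JSON list of Package objects from a cluster (for example the output of `kubectl get packages.fission.io --all-namespaces -o json`) lists the objects that the namespace check would reject.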
Technical Details
- GCVE Source: db.gcve.eu
- OSV ID: GHSA-vjhc-cf4p-72q4
- OSV Schema Version: 1.4.0
- Aliases: CVE-2026-49821
- Ecosystems: Go
- Database Specific Severity: HIGH
- CVSS Version: 3.1
Threat ID: 6a4452e927e9c797198e1a84
Added to database: 06/30/2026, 23:36:09 UTC
Last enriched: 06/30/2026, 23:51:54 UTC
Last updated: 06/30/2026, 23:51:54 UTC