A vulnerability has been identified when granting a create or * global role for a resource type of namespaces; no matter the API group, the subject will receive * permissions for core namespaces. This can lead to someone being capable of accessing, creating, updating, or deleting a namespace in the project.
The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.