Summary
The Hub-to-Nebi egress NetworkPolicy selects the entire Nebi namespace with no destination pod selector, so any pod in that namespace is reachable from the hub on the allowed port. The rule is port-scoped to TCP/8460 and only renders when a Nebi internal URL is configured, which bounds the exposure.
Severity: Low · CWE-284 (Improper Access Control)
Validation: Confirmed against HEAD f932d80 on 2026-07-14 (assessed at 69c84f7; unchanged since).
Evidence
templates/hub-nebi-networkpolicy.yaml:19-26: the egress to: peer has a namespaceSelector matching kubernetes.io/metadata.name: {{ .Values.nebi.namespace }} but no podSelector. Port defaults to 8460 (values.yaml:249).
- The policy only renders when both
nebi.internalURL and nebi.namespace are set (hub-nebi-networkpolicy.yaml:1). nebi.internalURL defaults to empty (values.yaml:240), so on a default install this policy is not emitted at all; it applies only once a deployer sets an explicit internal URL.
Impact
When the policy is active, a malicious or compromised pod in the Nebi namespace that listens on 8460 becomes reachable from the hub. The exposure is limited to that single port, not all traffic.
Remediation
- Add a
podSelector matching the exact Nebi workload labels alongside the namespace selector.
- Use service identity where the CNI supports it.
Acceptance criteria
Source: data-science-pack 0.1.0 security assessment (pinned commit 69c84f72df259ec755ed40bfc83f20158c550d55), finding L-02.
Summary
The Hub-to-Nebi egress NetworkPolicy selects the entire Nebi namespace with no destination pod selector, so any pod in that namespace is reachable from the hub on the allowed port. The rule is port-scoped to TCP/8460 and only renders when a Nebi internal URL is configured, which bounds the exposure.
Severity: Low · CWE-284 (Improper Access Control)
Validation: Confirmed against HEAD
f932d80on 2026-07-14 (assessed at69c84f7; unchanged since).Evidence
templates/hub-nebi-networkpolicy.yaml:19-26: the egressto:peer has anamespaceSelectormatchingkubernetes.io/metadata.name: {{ .Values.nebi.namespace }}but nopodSelector. Port defaults to 8460 (values.yaml:249).nebi.internalURLandnebi.namespaceare set (hub-nebi-networkpolicy.yaml:1).nebi.internalURLdefaults to empty (values.yaml:240), so on a default install this policy is not emitted at all; it applies only once a deployer sets an explicit internal URL.Impact
When the policy is active, a malicious or compromised pod in the Nebi namespace that listens on 8460 becomes reachable from the hub. The exposure is limited to that single port, not all traffic.
Remediation
podSelectormatching the exact Nebi workload labels alongside the namespace selector.Acceptance criteria
Source: data-science-pack 0.1.0 security assessment (pinned commit
69c84f72df259ec755ed40bfc83f20158c550d55), finding L-02.