Lucene search
K

340 matches found

Cvelist
Cvelist
added 2025/11/06 12:23 a.m.37 views

CVE-2025-64171 MARIN3R: Cross-Namespace Vulnerability in the Operator

MARIN3R is a lightweight, CRD based envoy control plane for kubernetes. In versions 0.13.3 and below, there is a cross-namespace secret access vulnerability in the project's DiscoveryServiceCertificate which allows users to bypass RBAC and access secrets in unauthorized namespaces. This issue is...

8.7CVSS0.00197EPSS
Exploits0References2
EUVD
EUVD
added 2025/11/06 12:23 a.m.6 views

EUVD-2025-37859

MARIN3R is a lightweight, CRD based envoy control plane for kubernetes. In versions 0.13.3 and below, there is a cross-namespace secret access vulnerability in the project's DiscoveryServiceCertificate which allows users to bypass RBAC and access secrets in unauthorized namespaces. This issue is...

8.7CVSS5.9AI score0.00197EPSS
Exploits0References5
OSV
OSV
added 2025/11/06 12:23 a.m.5 views

CVE-2025-64171 MARIN3R: Cross-Namespace Vulnerability in the Operator

MARIN3R is a lightweight, CRD based envoy control plane for kubernetes. In versions 0.13.3 and below, there is a cross-namespace secret access vulnerability in the project's DiscoveryServiceCertificate which allows users to bypass RBAC and access secrets in unauthorized namespaces. This issue is...

8.7CVSS6.4AI score0.00197EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/11/06 12:0 a.m.4 views

marin3r 安全漏洞

marin3r is a lightweight CRD-based kubernetes control panel open-sourced by Red Hat 3scale SRE. A security vulnerability exists in marin3r 0.13.3 and earlier versions, which stems from a cross-namespace secret access vulnerability in DiscoveryServiceCertificate that could lead to bypassing RBAC a...

8.7CVSS6AI score0.00197EPSS
Exploits0References3
Snyk
Snyk
added 2025/11/04 3:43 p.m.3 views

Missing Authorization

Overview Affected versions of this package are vulnerable to Missing Authorization via the getIssuerCertificate function. An attacker can gain unauthorized access to Secrets in other namespaces by bypassing RBAC restrictions. This is only exploitable if the attacker has permission to create...

8.7CVSS7AI score0.00197EPSS
Exploits0References2
OSV
OSV
added 2025/11/04 3:43 p.m.5 views

GHSA-GF93-XCCM-5G6J MARIN3R: Cross-Namespace Vulnerability in the Operator

Summary Cross-namespace Secret access vulnerability in DiscoveryServiceCertificate allows users to bypass RBAC and access Secrets in unauthorized namespaces. Affected Versions All versions prior to v0.13.4 Patched Versions v0.13.4 and later Impact Users with permission to create...

8.7CVSS6.3AI score0.00197EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2025/11/04 3:43 p.m.12 views

MARIN3R: Cross-Namespace Vulnerability in the Operator

Summary Cross-namespace Secret access vulnerability in DiscoveryServiceCertificate allows users to bypass RBAC and access Secrets in unauthorized namespaces. Affected Versions All versions prior to v0.13.4 Patched Versions v0.13.4 and later Impact Users with permission to create...

8.7CVSS6.3AI score0.00197EPSS
Exploits0References6Affected Software1
Positive Technologies
Positive Technologies
added 2025/11/04 12:0 a.m.5 views

PT-2025-45114

Name of the Vulnerable Software and Affected Versions MARIN3R versions 0.13.3 and below Description MARIN3R, a lightweight, CRD based envoy control plane for kubernetes, contains a flaw where a cross-namespace secret access issue exists in the DiscoveryServiceCertificate component. This allows...

8.7CVSS6.4AI score0.00197EPSS
Exploits0References12
GitLab Advisory Database
GitLab Advisory Database
added 2025/11/04 12:0 a.m.25 views

MARIN3R: Cross-Namespace Vulnerability in the Operator

Cross-namespace Secret access vulnerability in DiscoveryServiceCertificate allows users to bypass RBAC and access Secrets in unauthorized namespaces...

8.7CVSS6.6AI score0.00197EPSS
Exploits0References7Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/10/27 12:0 a.m.8 views

Siemens SIMATIC Devices Improper Restriction of Communication Channel to Intended Endpoints (CVE-2024-35884)

In the Linux kernel, the following vulnerability has been resolved: udp: do not accept non-tunnel GSO skbs landing in a tunnel When rx- udp-gro-forwarding is enabled UDP packets might be GROed when being forwarded. If such packets might land in a tunnel this can cause various issues and...

8.8CVSS5.9AI score0.00669EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/10/16 6:49 p.m.5 views

CVE-2025-62159

External Secrets Operator reads information from a third-party service and automatically injects the values as Kubernetes Secrets. A vulnerability was discovered in the BeyondTrust provider implementation for External Secrets Operator versions 0.10.1 through 0.19.2. The provider previously...

8.7CVSS6.7AI score0.00285EPSS
Exploits0References1
NVD
NVD
added 2025/10/10 11:15 p.m.9 views

CVE-2025-62159

External Secrets Operator reads information from a third-party service and automatically injects the values as Kubernetes Secrets. A vulnerability was discovered in the BeyondTrust provider implementation for External Secrets Operator versions 0.10.1 through 0.19.2. The provider previously...

8.7CVSS0.00285EPSS
Exploits0References1
Snyk
Snyk
added 2025/10/10 10:41 p.m.1 views

Missing Authorization

Overview Affected versions of this package are vulnerable to Missing Authorization due to the resolvers.SecretKeyRef process not being used for namespace validation. An attacker can gain unauthorized access to secrets across namespaces by exploiting the lack of proper namespace checks during secr...

8.7CVSS7AI score0.00285EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/10/10 10:23 p.m.1 views

CVE-2025-62159 External Secrets Operator's BeyondTrust Provider has Insecure Secret Retrieval

External Secrets Operator reads information from a third-party service and automatically injects the values as Kubernetes Secrets. A vulnerability was discovered in the BeyondTrust provider implementation for External Secrets Operator versions 0.10.1 through 0.19.2. The provider previously...

8.7CVSS6.5AI score0.00285EPSS
Exploits0References1
CVE
CVE
added 2025/10/10 10:23 p.m.21 views

CVE-2025-62159

CVE-2025-62159 affects External Secrets Operator’s BeyondTrust provider (versions 0.10.1–0.19.2). The legacy code retrieved Kubernetes secrets directly without validating namespace context or secret store type, enabling cross‑namespace secret access and security boundary violations. In version 0....

8.7CVSS6.5AI score0.00285EPSS
Exploits0References1
OSV
OSV
added 2025/10/10 10:23 p.m.6 views

CVE-2025-62159 External Secrets Operator's BeyondTrust Provider has Insecure Secret Retrieval

External Secrets Operator reads information from a third-party service and automatically injects the values as Kubernetes Secrets. A vulnerability was discovered in the BeyondTrust provider implementation for External Secrets Operator versions 0.10.1 through 0.19.2. The provider previously...

8.7CVSS6.9AI score0.00285EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/10 10:23 p.m.5 views

EUVD-2025-33793

External Secrets Operator reads information from a third-party service and automatically injects the values as Kubernetes Secrets. A vulnerability was discovered in the BeyondTrust provider implementation for External Secrets Operator versions 0.10.1 through 0.19.2. The provider previously...

8.7CVSS6.3AI score0.00285EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/10/10 10:23 p.m.11 views

CVE-2025-62159 External Secrets Operator's BeyondTrust Provider has Insecure Secret Retrieval

External Secrets Operator reads information from a third-party service and automatically injects the values as Kubernetes Secrets. A vulnerability was discovered in the BeyondTrust provider implementation for External Secrets Operator versions 0.10.1 through 0.19.2. The provider previously...

8.7CVSS0.00285EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/10/10 12:0 a.m.8 views

PT-2025-41614

Name of the Vulnerable Software and Affected Versions External Secrets Operator versions 0.10.1 through 0.19.2 Description The External Secrets Operator reads information from a third-party service and automatically injects the values as Kubernetes Secrets. A flaw exists in the BeyondTrust provid...

8.7CVSS6.2AI score0.00285EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/10/10 12:0 a.m.5 views

External Secrets 访问控制错误漏洞

External Secrets is a Kubernetes-related application in the External Secrets open source. An access control error vulnerability exists in External Secrets versions 0.10.1 through 0.19.2, which stems from an unvalidated namespace context or keystore type, and could lead to unauthorized...

8.7CVSS6.4AI score0.00285EPSS
Exploits0References2
Rows per page
Query Builder