340 matches found
CVE-2025-64171 MARIN3R: Cross-Namespace Vulnerability in the Operator
MARIN3R is a lightweight, CRD based envoy control plane for kubernetes. In versions 0.13.3 and below, there is a cross-namespace secret access vulnerability in the project's DiscoveryServiceCertificate which allows users to bypass RBAC and access secrets in unauthorized namespaces. This issue is...
EUVD-2025-37859
MARIN3R is a lightweight, CRD based envoy control plane for kubernetes. In versions 0.13.3 and below, there is a cross-namespace secret access vulnerability in the project's DiscoveryServiceCertificate which allows users to bypass RBAC and access secrets in unauthorized namespaces. This issue is...
CVE-2025-64171 MARIN3R: Cross-Namespace Vulnerability in the Operator
MARIN3R is a lightweight, CRD based envoy control plane for kubernetes. In versions 0.13.3 and below, there is a cross-namespace secret access vulnerability in the project's DiscoveryServiceCertificate which allows users to bypass RBAC and access secrets in unauthorized namespaces. This issue is...
marin3r 安全漏洞
marin3r is a lightweight CRD-based kubernetes control panel open-sourced by Red Hat 3scale SRE. A security vulnerability exists in marin3r 0.13.3 and earlier versions, which stems from a cross-namespace secret access vulnerability in DiscoveryServiceCertificate that could lead to bypassing RBAC a...
Missing Authorization
Overview Affected versions of this package are vulnerable to Missing Authorization via the getIssuerCertificate function. An attacker can gain unauthorized access to Secrets in other namespaces by bypassing RBAC restrictions. This is only exploitable if the attacker has permission to create...
GHSA-GF93-XCCM-5G6J MARIN3R: Cross-Namespace Vulnerability in the Operator
Summary Cross-namespace Secret access vulnerability in DiscoveryServiceCertificate allows users to bypass RBAC and access Secrets in unauthorized namespaces. Affected Versions All versions prior to v0.13.4 Patched Versions v0.13.4 and later Impact Users with permission to create...
MARIN3R: Cross-Namespace Vulnerability in the Operator
Summary Cross-namespace Secret access vulnerability in DiscoveryServiceCertificate allows users to bypass RBAC and access Secrets in unauthorized namespaces. Affected Versions All versions prior to v0.13.4 Patched Versions v0.13.4 and later Impact Users with permission to create...
PT-2025-45114
Name of the Vulnerable Software and Affected Versions MARIN3R versions 0.13.3 and below Description MARIN3R, a lightweight, CRD based envoy control plane for kubernetes, contains a flaw where a cross-namespace secret access issue exists in the DiscoveryServiceCertificate component. This allows...
MARIN3R: Cross-Namespace Vulnerability in the Operator
Cross-namespace Secret access vulnerability in DiscoveryServiceCertificate allows users to bypass RBAC and access Secrets in unauthorized namespaces...
Siemens SIMATIC Devices Improper Restriction of Communication Channel to Intended Endpoints (CVE-2024-35884)
In the Linux kernel, the following vulnerability has been resolved: udp: do not accept non-tunnel GSO skbs landing in a tunnel When rx- udp-gro-forwarding is enabled UDP packets might be GROed when being forwarded. If such packets might land in a tunnel this can cause various issues and...
CVE-2025-62159
External Secrets Operator reads information from a third-party service and automatically injects the values as Kubernetes Secrets. A vulnerability was discovered in the BeyondTrust provider implementation for External Secrets Operator versions 0.10.1 through 0.19.2. The provider previously...
CVE-2025-62159
External Secrets Operator reads information from a third-party service and automatically injects the values as Kubernetes Secrets. A vulnerability was discovered in the BeyondTrust provider implementation for External Secrets Operator versions 0.10.1 through 0.19.2. The provider previously...
Missing Authorization
Overview Affected versions of this package are vulnerable to Missing Authorization due to the resolvers.SecretKeyRef process not being used for namespace validation. An attacker can gain unauthorized access to secrets across namespaces by exploiting the lack of proper namespace checks during secr...
CVE-2025-62159 External Secrets Operator's BeyondTrust Provider has Insecure Secret Retrieval
External Secrets Operator reads information from a third-party service and automatically injects the values as Kubernetes Secrets. A vulnerability was discovered in the BeyondTrust provider implementation for External Secrets Operator versions 0.10.1 through 0.19.2. The provider previously...
CVE-2025-62159
CVE-2025-62159 affects External Secrets Operator’s BeyondTrust provider (versions 0.10.1–0.19.2). The legacy code retrieved Kubernetes secrets directly without validating namespace context or secret store type, enabling cross‑namespace secret access and security boundary violations. In version 0....
CVE-2025-62159 External Secrets Operator's BeyondTrust Provider has Insecure Secret Retrieval
External Secrets Operator reads information from a third-party service and automatically injects the values as Kubernetes Secrets. A vulnerability was discovered in the BeyondTrust provider implementation for External Secrets Operator versions 0.10.1 through 0.19.2. The provider previously...
EUVD-2025-33793
External Secrets Operator reads information from a third-party service and automatically injects the values as Kubernetes Secrets. A vulnerability was discovered in the BeyondTrust provider implementation for External Secrets Operator versions 0.10.1 through 0.19.2. The provider previously...
CVE-2025-62159 External Secrets Operator's BeyondTrust Provider has Insecure Secret Retrieval
External Secrets Operator reads information from a third-party service and automatically injects the values as Kubernetes Secrets. A vulnerability was discovered in the BeyondTrust provider implementation for External Secrets Operator versions 0.10.1 through 0.19.2. The provider previously...
PT-2025-41614
Name of the Vulnerable Software and Affected Versions External Secrets Operator versions 0.10.1 through 0.19.2 Description The External Secrets Operator reads information from a third-party service and automatically injects the values as Kubernetes Secrets. A flaw exists in the BeyondTrust provid...
External Secrets 访问控制错误漏洞
External Secrets is a Kubernetes-related application in the External Secrets open source. An access control error vulnerability exists in External Secrets versions 0.10.1 through 0.19.2, which stems from an unvalidated namespace context or keystore type, and could lead to unauthorized...