12 matches found
CVE-2025-64171
A cross-namespace authorization flaw has been identified in the MARIN3R operator’s DiscoveryServiceCertificate resource. The flaw occurs because the operator mistakenly treats certain inputs as valid, bypassing Kubernetes Role-Based Access Control RBAC. When a user has permission to create...
CVE-2025-64171
MARIN3R is a lightweight, CRD based envoy control plane for kubernetes. In versions 0.13.3 and below, there is a cross-namespace secret access vulnerability in the project's DiscoveryServiceCertificate which allows users to bypass RBAC and access secrets in unauthorized namespaces. This issue is...
CVE-2025-64171 MARIN3R: Cross-Namespace Vulnerability in the Operator
MARIN3R is a lightweight, CRD based envoy control plane for kubernetes. In versions 0.13.3 and below, there is a cross-namespace secret access vulnerability in the project's DiscoveryServiceCertificate which allows users to bypass RBAC and access secrets in unauthorized namespaces. This issue is...
EUVD-2025-37859
MARIN3R is a lightweight, CRD based envoy control plane for kubernetes. In versions 0.13.3 and below, there is a cross-namespace secret access vulnerability in the project's DiscoveryServiceCertificate which allows users to bypass RBAC and access secrets in unauthorized namespaces. This issue is...
CVE-2025-64171
CVE-2025-64171 MARIN3R is a cross-namespace secret access vulnerability in the MARIN3R operator. In versions ≤ 0.13.3, DiscoveryServiceCertificate could bypass RBAC, allowing a user who can create DiscoveryServiceCertificate resources in one namespace to indirectly read Secrets in other namespace...
CVE-2025-64171 MARIN3R: Cross-Namespace Vulnerability in the Operator
MARIN3R is a lightweight, CRD based envoy control plane for kubernetes. In versions 0.13.3 and below, there is a cross-namespace secret access vulnerability in the project's DiscoveryServiceCertificate which allows users to bypass RBAC and access secrets in unauthorized namespaces. This issue is...
CVE-2025-64171 MARIN3R: Cross-Namespace Vulnerability in the Operator
MARIN3R is a lightweight, CRD based envoy control plane for kubernetes. In versions 0.13.3 and below, there is a cross-namespace secret access vulnerability in the project's DiscoveryServiceCertificate which allows users to bypass RBAC and access secrets in unauthorized namespaces. This issue is...
marin3r 安全漏洞
marin3r is a lightweight CRD-based kubernetes control panel open-sourced by Red Hat 3scale SRE. A security vulnerability exists in marin3r 0.13.3 and earlier versions, which stems from a cross-namespace secret access vulnerability in DiscoveryServiceCertificate that could lead to bypassing RBAC a...
Missing Authorization
Overview Affected versions of this package are vulnerable to Missing Authorization via the getIssuerCertificate function. An attacker can gain unauthorized access to Secrets in other namespaces by bypassing RBAC restrictions. This is only exploitable if the attacker has permission to create...
MARIN3R: Cross-Namespace Vulnerability in the Operator
Summary Cross-namespace Secret access vulnerability in DiscoveryServiceCertificate allows users to bypass RBAC and access Secrets in unauthorized namespaces. Affected Versions All versions prior to v0.13.4 Patched Versions v0.13.4 and later Impact Users with permission to create...
PT-2025-45114
Name of the Vulnerable Software and Affected Versions MARIN3R versions 0.13.3 and below Description MARIN3R, a lightweight, CRD based envoy control plane for kubernetes, contains a flaw where a cross-namespace secret access issue exists in the DiscoveryServiceCertificate component. This allows...
MARIN3R: Cross-Namespace Vulnerability in the Operator
Cross-namespace Secret access vulnerability in DiscoveryServiceCertificate allows users to bypass RBAC and access Secrets in unauthorized namespaces...