Lucene search
+L

12 matches found

RedHat Linux
RedHat Linux
added 2 days ago6 views

Important: Red Hat Security Advisory: external secrets operator for Red Hat OpenShift 1.0.0

external secrets operator for Red Hat OpenShift 1.0.0 The External Secrets Operator for Red Hat OpenShift builds on top of Kubernetes, which integrates external secret management systems like AWS Secrets Manager, HashiCorp Vault, Google Secrets Manager, Azure Key Vault, IBM Cloud Secrets Manager,...

10CVSS7AI score0.01945EPSS
Exploits1References4
OSV
OSV
added 2026/05/07 6:31 a.m.8 views

GHSA-2MH5-3CW6-HRRQ Spring Cloud Config has an Authorization Bypass Through User-Controlled Key

When using Google Secrets Manager as a backend for the Spring Cloud Config server a client can craft a request to the config server potentially exposing secrets from unintended GCP projects. Spring Cloud Config 3.1.x: affected from 3.1.0 through 3.1.13 inclusive; upgrade to 3.1.14 or greater...

7.5CVSS5.8AI score0.00435EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/05/07 6:31 a.m.14 views

Spring Cloud Config has an Authorization Bypass Through User-Controlled Key

When using Google Secrets Manager as a backend for the Spring Cloud Config server a client can craft a request to the config server potentially exposing secrets from unintended GCP projects. Spring Cloud Config 3.1.x: affected from 3.1.0 through 3.1.13 inclusive; upgrade to 3.1.14 or greater...

7.5CVSS5.8AI score0.00435EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2026/05/07 4:16 a.m.55 views

CVE-2026-40981

When using Google Secrets Manager as a backend for the Spring Cloud Config server a client can craft a request to the config server potentially exposing secrets from unintended GCP projects. Spring Cloud Config 3.1.x: affected from 3.1.0 through 3.1.13 inclusive; upgrade to 3.1.14 or greater...

7.5CVSS0.00435EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/05/07 3:55 a.m.8 views

CVE-2026-40981

When using Google Secrets Manager as a backend for the Spring Cloud Config server a client can craft a request to the config server potentially exposing secrets from unintended GCP projects. Spring Cloud Config 3.1.x: affected from 3.1.0 through 3.1.13 inclusive; upgrade to 3.1.14 or greater...

7.5CVSS5.8AI score0.00435EPSS
Exploits0References1
CVE
CVE
added 2026/05/07 3:55 a.m.45 views

CVE-2026-40981

CVE-2026-40981 : In Spring Cloud Config Server using Google Secrets Manager as a backend, a crafted request can expose secrets from unintended GCP projects. Affected versions and upgrades: 3.1.x: 3.1.0–3.1.13 → upgrade to 3.1.14+ 4.1.x: 4.1.0–4.1.9 → upgrade to 4.1.10+ 4.2.x: 4.2.0–4.2.6 → upgrad...

7.5CVSS5.8AI score0.00435EPSS
Exploits0References4Affected Software1
EUVD
EUVD
added 2026/05/07 3:55 a.m.40 views

EUVD-2026-28245

When using Google Secrets Manager as a backend for the Spring Cloud Config server a client can craft a request to the config server potentially exposing secrets from unintended GCP projects. Spring Cloud Config 3.1.x: affected from 3.1.0 through 3.1.13 inclusive; upgrade to 3.1.14 or greater...

7.5CVSS5.8AI score0.00435EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/07 3:55 a.m.6 views

CVE-2026-40981

When using Google Secrets Manager as a backend for the Spring Cloud Config server a client can craft a request to the config server potentially exposing secrets from unintended GCP projects. Spring Cloud Config 3.1.x: affected from 3.1.0 through 3.1.13 inclusive; upgrade to 3.1.14 or greater...

7.5CVSS5.8AI score0.00435EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/05/07 3:55 a.m.4 views

CVE-2026-40981

When using Google Secrets Manager as a backend for the Spring Cloud Config server a client can craft a request to the config server potentially exposing secrets from unintended GCP projects. Spring Cloud Config 3.1.x: affected from 3.1.0 through 3.1.13 inclusive; upgrade to 3.1.14 or greater...

7.5CVSS5.9AI score0.00435EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/05/07 12:0 a.m.11 views

VMware Spring Cloud Config 安全漏洞

VMware Spring Cloud Config is a configuration management solution for distributed systems developed by VMware, Inc. This product primarily provides server and client support for external configurations in distributed systems. There is a security vulnerability in VMware Spring Cloud Config, which...

7.5CVSS5.8AI score0.00435EPSS
Exploits0References1
Spring Security Advisories
Spring Security Advisories
added 2026/05/06 12:0 a.m.7 views

Spring Cloud Config Clients Can Access Secrets From Any Project The Config Server Has Access To On Google Secrets Manager

When using Google Secrets Manager as a backend for the Spring Cloud Config server a client can craft a request to the config server potentially exposing secrets from unintended GCP projects...

7.5CVSS5.8AI score0.00435EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/09/24 12:0 a.m.15 views

PT-2024-14790 · WordPress · W3 Total Cache

Name of the Vulnerable Software and Affected Versions: W3 Total Cache plugin for WordPress versions up to, and including, 2.7.5 Description: The issue allows unauthenticated attackers to expose sensitive information, specifically Google OAuth API secrets stored in plaintext in the plugin source...

7.5CVSS6.9AI score0.00813EPSS
Exploits1References7
Rows per page
Query Builder