8 matches found
CVE-2025-62159
External Secrets Operator reads information from a third-party service and automatically injects the values as Kubernetes Secrets. A vulnerability was discovered in the BeyondTrust provider implementation for External Secrets Operator versions 0.10.1 through 0.19.2. The provider previously...
CVE-2025-62159
External Secrets Operator reads information from a third-party service and automatically injects the values as Kubernetes Secrets. A vulnerability was discovered in the BeyondTrust provider implementation for External Secrets Operator versions 0.10.1 through 0.19.2. The provider previously...
CVE-2025-62159 External Secrets Operator's BeyondTrust Provider has Insecure Secret Retrieval
External Secrets Operator reads information from a third-party service and automatically injects the values as Kubernetes Secrets. A vulnerability was discovered in the BeyondTrust provider implementation for External Secrets Operator versions 0.10.1 through 0.19.2. The provider previously...
EUVD-2025-33793
External Secrets Operator reads information from a third-party service and automatically injects the values as Kubernetes Secrets. A vulnerability was discovered in the BeyondTrust provider implementation for External Secrets Operator versions 0.10.1 through 0.19.2. The provider previously...
CVE-2025-62159
CVE-2025-62159 affects External Secrets Operator’s BeyondTrust provider (versions 0.10.1–0.19.2). The legacy code retrieved Kubernetes secrets directly without validating namespace context or secret store type, enabling cross‑namespace secret access and security boundary violations. In version 0....
CVE-2025-62159 External Secrets Operator's BeyondTrust Provider has Insecure Secret Retrieval
External Secrets Operator reads information from a third-party service and automatically injects the values as Kubernetes Secrets. A vulnerability was discovered in the BeyondTrust provider implementation for External Secrets Operator versions 0.10.1 through 0.19.2. The provider previously...
CVE-2025-62159 External Secrets Operator's BeyondTrust Provider has Insecure Secret Retrieval
External Secrets Operator reads information from a third-party service and automatically injects the values as Kubernetes Secrets. A vulnerability was discovered in the BeyondTrust provider implementation for External Secrets Operator versions 0.10.1 through 0.19.2. The provider previously...
PT-2025-41614
Name of the Vulnerable Software and Affected Versions External Secrets Operator versions 0.10.1 through 0.19.2 Description The External Secrets Operator reads information from a third-party service and automatically injects the values as Kubernetes Secrets. A flaw exists in the BeyondTrust provid...