2 matches found
CVE-2026-22822
CVE-2026-22822 affects the External Secrets Operator. The root issue is the getSecretKey templating function, which in versions starting from 0.20.2 and prior to 1.2.0 allowed cross‑namespace retrieval of secrets via the controller’s roleBinding, bypassing safeguards. This could lead to unauthori...
PT-2025-45114
Name of the Vulnerable Software and Affected Versions MARIN3R versions 0.13.3 and below Description MARIN3R, a lightweight, CRD based envoy control plane for kubernetes, contains a flaw where a cross-namespace secret access issue exists in the DiscoveryServiceCertificate component. This allows...