8 matches found
CVE-2023-2878 vulnerabilities
Vulnerabilities for packages: secrets-store-csi-driver...
CVE-2023-2878
Kubernetes secrets-store-csi-driver in versions before 1.3.3 discloses service account tokens in logs...
CVE-2023-2878 Kubernetes secrets-store-csi-driver discloses service account tokens in logs
Kubernetes secrets-store-csi-driver in versions before 1.3.3 discloses service account tokens in logs...
CVE-2023-2878 Kubernetes secrets-store-csi-driver discloses service account tokens in logs
Kubernetes secrets-store-csi-driver in versions before 1.3.3 discloses service account tokens in logs...
CVE-2023-2878
CVE-2023-2878 affects Kubernetes secrets-store-csi-driver. The vulnerability occurs in versions before 1.3.3, where the driver discloses service account tokens in logs. This could allow an attacker with local access or log access to read leaked tokens, enabling impersonation of the associated ser...
secrets-store-csi-driver discloses service account tokens in logs
A security issue was discovered in secrets-store-csi-driver where an actor with access to the driver logs could observe service account tokens. These tokens could then potentially be exchanged with external cloud providers to access secrets stored in cloud vault solutions. Tokens are only logged...
SUSE CVE-2023-2878
Kubernetes secrets-store-csi-driver in versions before 1.3.3 discloses service account tokens in logs...
GHSA-G82W-58JF-GCXX secrets-store-csi-driver discloses service account tokens in logs
A security issue was discovered in secrets-store-csi-driver where an actor with access to the driver logs could observe service account tokens. These tokens could then potentially be exchanged with external cloud providers to access secrets stored in cloud vault solutions. Tokens are only logged...