CVE-2023-48225
CVE-2023-48225 affects Laf prior to v1.0.0-beta.13, where lax control of app environment variables enables leakage of sensitive data from secrets/configmaps via k8s envFrom. Root cause described: ES6 object references cause the entire referenced object to be embedded into the deployment template ...