Filtered by vendor Google
Subscribe
Filtered by product Secret Manager Provider For Secret Store Csi Driver
Subscribe
Total
1 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-8567 | 3 Google, Hashicorp, Microsoft | 3 Secret Manager Provider For Secret Store Csi Driver, Vault Provider For Secrets Store Csi Driver, Azure Key Vault Provider For Secrets Store Csi Driver | 2024-02-28 | 4.0 MEDIUM | 6.5 MEDIUM |
Kubernetes Secrets Store CSI Driver Vault Plugin prior to v0.0.6, Azure Plugin prior to v0.0.10, and GCP Plugin prior to v0.2.0 allow an attacker who can create specially-crafted SecretProviderClass objects to write to arbitrary file paths on the host filesystem, including /var/lib/kubelet/pods. |