Vulnerabilities (CVE)

Filtered by vendor Google Subscribe
Filtered by product Secret Manager Provider For Secret Store Csi Driver
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-8567 3 Google, Hashicorp, Microsoft 3 Secret Manager Provider For Secret Store Csi Driver, Vault Provider For Secrets Store Csi Driver, Azure Key Vault Provider For Secrets Store Csi Driver 2024-02-28 4.0 MEDIUM 6.5 MEDIUM
Kubernetes Secrets Store CSI Driver Vault Plugin prior to v0.0.6, Azure Plugin prior to v0.0.10, and GCP Plugin prior to v0.2.0 allow an attacker who can create specially-crafted SecretProviderClass objects to write to arbitrary file paths on the host filesystem, including /var/lib/kubelet/pods.