Filtered by vendor Microsoft
Subscribe
Filtered by product Azure Key Vault Provider For Secrets Store Csi Driver
Subscribe
Total
1 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-8567 | 3 Google, Hashicorp, Microsoft | 3 Secret Manager Provider For Secret Store Csi Driver, Vault Provider For Secrets Store Csi Driver, Azure Key Vault Provider For Secrets Store Csi Driver | 2023-12-10 | 4.0 MEDIUM | 6.5 MEDIUM |
| Kubernetes Secrets Store CSI Driver Vault Plugin prior to v0.0.6, Azure Plugin prior to v0.0.10, and GCP Plugin prior to v0.2.0 allow an attacker who can create specially-crafted SecretProviderClass objects to write to arbitrary file paths on the host filesystem, including /var/lib/kubelet/pods. | |||||