Vulnerabilities > Kubernetes > Secrets Store CSI Driver > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-06-07 CVE-2023-2878 Information Exposure Through Log Files vulnerability in Kubernetes Secrets-Store-Csi-Driver
Kubernetes secrets-store-csi-driver in versions before 1.3.3 discloses service account tokens in logs.
local
low complexity
kubernetes CWE-532
5.5
2021-01-21 CVE-2020-8568 Path Traversal vulnerability in Kubernetes Secrets Store CSI Driver 0.0.15/0.0.16
Kubernetes Secrets Store CSI Driver versions v0.0.15 and v0.0.16 allow an attacker who can modify a SecretProviderClassPodStatus/Status resource the ability to write content to the host filesystem and sync file contents to Kubernetes Secrets.
network
low complexity
kubernetes CWE-22
6.5