漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
MARIN3R: Cross-Namespace Vulnerability in the Operator
Vulnerability Description
MARIN3R is a lightweight, CRD based envoy control plane for kubernetes. In versions 0.13.3 and below, there is a cross-namespace secret access vulnerability in the project's DiscoveryServiceCertificate which allows users to bypass RBAC and access secrets in unauthorized namespaces. This issue is fixed in version 0.13.4.
CVSS Information
N/A
Vulnerability Type
授权机制缺失
Vulnerability Title
marin3r 安全漏洞
Vulnerability Description
marin3r是Red Hat 3scale SRE开源的一个基于CRD的轻量级kubernetes控制面板。 marin3r 0.13.3及之前版本存在安全漏洞,该漏洞源于DiscoveryServiceCertificate存在跨命名空间秘密访问漏洞,可能导致绕过RBAC并访问未经授权的命名空间中的秘密。
CVSS Information
N/A
Vulnerability Type
N/A