CVE-2023-2878

Source
https://nvd.nist.gov/vuln/detail/CVE-2023-2878
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-2878.json
Aliases
Published
2023-06-07T15:15:09Z
Modified
2023-11-29T10:03:48.114113Z
Details

Kubernetes secrets-store-csi-driver in versions before 1.3.3 discloses service account tokens in logs.

References

Affected packages

Git / github.com/kubernetes-sigs/secrets-store-csi-driver

Affected ranges

Type
GIT
Repo
https://github.com/kubernetes-sigs/secrets-store-csi-driver
Events
Introduced
0The exact introduced commit is unknown
Fixed
c8cfb5043a9839f08cc4fa1fd25268d9ecd880d0

Affected versions

v0.*

v0.0.1
v0.0.10
v0.0.11
v0.0.12
v0.0.13
v0.0.14
v0.0.15
v0.0.16
v0.0.17
v0.0.18
v0.0.19
v0.0.2
v0.0.20
v0.0.21
v0.0.22
v0.0.23
v0.0.3
v0.0.5
v0.0.6
v0.0.7
v0.0.8
v0.0.9

v1.*

v1.0.0
v1.3.0
v1.3.1
v1.3.2