GCVE - cpe:2.3:a:kubernetes:secrets-store-csi-driver:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:kubernetes:secrets-store-csi-driver:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Kubernetes (`3ee05930-9e42-51b2-ad52-30832f573b15`)
Product	Secrets Store Csi Driver (`5ad8dccf-027d-5210-8894-e2f6cb67c82a`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from purl2cpe mapping

PURL mappings

PURL	Source	Last updated
`pkg:github/kubernetes-sigs/secrets-store-csi-driver`	purl2cpe	2026-06-01 10:13:27.532165
`pkg:golang/github.com/kubernetes-sigs/secrets-store-csi-driver`	purl2cpe	2026-06-01 10:13:27.532169

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2023-2878`	vulnerable	2026-06-03 14:51:44.593971	Kubernetes secrets-store-csi-driver discloses service account tokens in logs MEDIUM (6.5) Kubernetes secrets-store-csi-driver in versions before 1.3.3 discloses service account tokens in logs. Published: 2023-06-07T14:35:10.295Z Updated: 2025-02-13T16:48:51.962Z Open on db.gcve.eu Reference links https://github.com/kubernetes/kubernetes/issues/118419 https://groups.google.com/g/kubernetes-security-announce/c/5K8ghQHBDdQ/m/Udee6YUgAAAJ https://security.netapp.com/advisory/ntap-20230814-0003/	Imported from gcve-enriched-dumps CVE data

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.