External-secrets External_secrets_operator

4 CVEs affecting External-secrets External_secrets_operator. Latest disclosed: 2026-04-14. Critical: 1, High: 2.

Top CVEs affecting External-secrets External_secrets_operator
CVESeverityScorePublishedSummary
CVE-2024-36540Critical9.82024-07-24Insecure permissions in external-secrets v0.9.16 allows attackers to access sensitive data and escalate privileges by obtaining the service account's token.
CVE-2026-22822High8.82026-01-21External Secrets Operator reads information from a third-party service and automatically injects the values as Kubernetes Secrets. Starting in version 0.20.2…
CVE-2024-45041High8.32024-09-09External Secrets Operator is a Kubernetes operator that integrates external secret management systems. The external-secrets has a deployment called default-ext…
CVE-2026-34984Medium6.52026-04-14External Secrets Operator reads information from a third-party service and automatically injects the values as Kubernetes Secrets. Versions 2.2.0 and below con…