pkg:Go/github.com/external-secrets/external-secrets
8 total CVEsHIGH2MEDIUM1
✅ Check your installed version
All known vulnerabilities
HIGH8.3CVE-2024-45041External Secrets Operator vulnerable to privilege escalation in github.com/external-secrets/external-secrets from 0, < 0.10.2
HIGH8.3CVE-2024-45041External Secrets Operator vulnerable to privilege escalation in github.com/external-secrets/external-secrets from 0, < 0.10.2
MEDIUM6.5CVE-2026-34984External Secrets Operator has DNS-based secret exfiltration via getHostByName in External Secrets v2 template engine from 0, < 1.3.3-0.20260331202714-6800989bdc12
—External Secrets Operator has Namespace Isolation Bypass in CAProvider ConfigMap Resolution for SecretStore
from 0, < 2.4.0
—External Secrets Operator insecurely retrieves secrets through the getSecretKey templating function in github.com/external-secrets/external-secrets
>= 0.20.2, < 1.2.0
—External Secrets Operator insecurely retrieves secrets through the getSecretKey templating function in github.com/external-secrets/external-secrets
>= 0.20.2, < 1.2.0
—External Secrets Operator's Missing Namespace Restriction Allows Unauthorized Secret Access in github.com/external-secrets/external-secrets
>= 0.15.0, < 0.19.2
—External Secrets Operator's Missing Namespace Restriction Allows Unauthorized Secret Access in github.com/external-secrets/external-secrets
>= 0.15.0, < 0.19.2