pkg:Go/github.com/external-secrets/external-secrets
8 total CVEsHIGH2MEDIUM1
✅ Check your installed version
All known vulnerabilities
- HIGH8.3CVE-2024-45041External Secrets Operator vulnerable to privilege escalation in github.com/external-secrets/external-secretsfrom 0, < 0.10.2
- HIGH8.3CVE-2024-45041External Secrets Operator vulnerable to privilege escalation in github.com/external-secrets/external-secretsfrom 0, < 0.10.2
- MEDIUM6.5CVE-2026-34984External Secrets Operator has DNS-based secret exfiltration via getHostByName in External Secrets v2 template enginefrom 0, < 1.3.3-0.20260331202714-6800989bdc12
- —CVE-2026-42875External Secrets Operator has Namespace Isolation Bypass in CAProvider ConfigMap Resolution for SecretStorefrom 0, < 2.4.0
- —CVE-2026-22822External Secrets Operator insecurely retrieves secrets through the getSecretKey templating function>= 0.20.2, < 1.2.0
- —CVE-2026-22822External Secrets Operator insecurely retrieves secrets through the getSecretKey templating function>= 0.20.2, < 1.2.0
- —CVE-2025-55196External Secrets Operator's Missing Namespace Restriction Allows Unauthorized Secret Access in github.com/external-secrets/external-secrets>= 0.15.0, < 0.19.2
- —CVE-2025-55196External Secrets Operator's Missing Namespace Restriction Allows Unauthorized Secret Access in github.com/external-secrets/external-secrets>= 0.15.0, < 0.19.2