Security Advisory

CVE-2025-64171

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-11-06 00:23:48

Last updated 2025-11-06 21:17:02

Assigner GitHub_M

State PUBLISHED

Description

MARIN3R is a lightweight, CRD based envoy control plane for kubernetes. In versions 0.13.3 and below, there is a cross-namespace secret access vulnerability in the projects DiscoveryServiceCertificate which allows users to bypass RBAC and access secrets in unauthorized namespaces. This issue is fixed in version 0.13.4.

← Browse all CVEs View on cve.org ↗