external-secrets-operator-2.3

Direct Vulnerabilities

Known vulnerabilities in the external-secrets-operator-2.3 package. This does not include vulnerabilities belonging to this package’s dependencies.

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Vulnerability	Vulnerable Version
L GHSA-hfvc-g4fc-pqhx	<2.3.0-r13
H Untrusted Search Path	<2.3.0-r13
L GHSA-cp6g-7hqx-qxhp	<2.3.0-r12
L CVE-2026-2303	<2.3.0-r12
L Improper Authorization	<2.3.0-r11
L GHSA-fq7h-9x26-6j22	<2.3.0-r11
L Improper Authorization	<2.3.0-r11
L GHSA-wv26-88m5-6h59	<2.3.0-r11
L Improper Verification of Cryptographic Signature	<2.3.0-r10
L Improper Certificate Validation	<2.3.0-r10
L Integer Overflow or Wraparound	<2.3.0-r10
L Out-of-Bounds	<2.3.0-r10
L Missing Authorization	<2.3.0-r10
L Deserialization of Untrusted Data	<2.3.0-r10
L Improper Enforcement of Message Integrity During Transmission in a Communication Channel	<2.3.0-r10
L Incorrect Type Conversion or Cast	<2.3.0-r10
L GHSA-crhj-59gh-8x96	<2.3.0-r8
L Directory Traversal	<2.3.0-r8
L GHSA-m7cr-m3pv-hgrp	<2.3.0-r8
C Improper Encoding or Escaping of Output	<2.3.0-r8
H Incorrect Behavior Order: Validate Before Canonicalize	<2.3.0-r7
L GHSA-389r-gv7p-r3rp	<2.3.0-r7
H Loop with Unreachable Exit Condition ('Infinite Loop')	<2.3.0-r6
H Insufficiently Protected Credentials	<2.3.0-r1
L GHSA-mh2q-q3fh-2475	<2.3.0-r4
L Allocation of Resources Without Limits or Throttling	<2.3.0-r4
L GHSA-pjcq-xvwq-hhpj	<2.3.0-r3
H Integer Overflow or Wraparound	<2.3.0-r3
L GHSA-3xc5-wrhm-f963	<2.3.0-r1