Vulnerability Database

300,214

Total vulnerabilities in the database

CVE-2025-64171

MARIN3R is a lightweight, CRD based envoy control plane for kubernetes. In versions 0.13.3 and below, there is a cross-namespace secret access vulnerability in the project's DiscoveryServiceCertificate which allows users to bypass RBAC and access secrets in unauthorized namespaces. This issue is fixed in version 0.13.4.

Published: Nov 4, 2025
Updated: Nov 12, 2025
CVE: CVE-2025-64171
GHSA: GHSA-gf93-xccm-5g6j
Severity: High
Exploit:

No technical information available.

CWEs:

CWE-862

Affected Software
References

Software	From	Fixed in
github.com/3scale-sre/marin3r	-	0.13.4

https://github.com/3scale-sre/marin3r/commit/859b14115fde1d67620e645cd1b62e90e30d9981
https://github.com/3scale-sre/marin3r/commit/c60246a43ae8c0c38dd7267f298d68a121a159fa
https://github.com/3scale-sre/marin3r/pull/294
https://github.com/3scale-sre/marin3r/security/advisories/GHSA-gf93-xccm-5g6j

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo