SUSE CVE-2025-47283

Gardener implements the automated management and operation of Kubernetes clusters as a service. A security vulnerability was discovered in Gardener prior to versions 1.116.4, 1.117.5, 1.118.2, and 1.119.0 that could allow a user with administrative privileges for a Gardener project to obtain...

SUSE CVE-2025-47284

Gardener implements the automated management and operation of Kubernetes clusters as a service. A security vulnerability was discovered in the gardenlet component of Gardener prior to versions 1.116.4, 1.117.5, 1.118.2, and 1.119.0. It could allow a user with administrative privileges for a...

Improper Neutralization

Overview Affected versions of this package are vulnerable to Improper Neutralization via the gardenlet component. An attacker with administrative privileges for a Gardener project can escalate privileges and gain control over the seed clusters by injecting malicious metadata into a project secret...

Privilege Chaining

Overview Affected versions of this package are vulnerable to Privilege Chaining via the project secret validation process. An attacker can escalate privileges and potentially gain control over seed clusters by bypassing the intended security restrictions. Remediation Upgrade...

Gardener 安全漏洞

Gardener is an open source Kubernetes cluster management tool from Gardener Open Source. The product supports managing, monitoring and updating Kubernetes clusters. A security vulnerability exists in Gardener versions prior to 1.116.4, prior to 1.117.5, prior to 1.118.2, and prior to 1.119.0, whi...