SUSE CVE-2025-47282

Gardener External DNS Management is an environment to manage external DNS entries for a kubernetes cluster. A security vulnerability was discovered in Gardener's External DNS Management prior to version 0.23.6 that could allow a user with administrative privileges for a Gardener project or a user...

GO-2025-3697 Gardener External DNS Management allows malicious google credential in DNS secret to lead to privilege escalation in github.com/gardener/external-dns-management

Gardener External DNS Management allows malicious google credential in DNS secret to lead to privilege escalation in github.com/gardener/external-dns-management...

Privilege Escalation

github.com/gardener/external-dns-management is vulnerable to a privilege escalation. The vulnerability is due to insufficient isolation and access control between shoot clusters and the seed cluster in the external-dns-management component, which allows an attacker with admin access to a shoot...

GHSA-XWGG-M7FX-83WX Gardener External DNS Management allows malicious google credential in DNS secret to lead to privilege escalation

A security vulnerability was discovered in Gardener that could allow a user with administrative privileges for a Gardener project or a user with administrative privileges for a shoot cluster, including administrative privileges for a single namespace of the shoot cluster, to obtain control over t...

CVE-2025-47282

Gardener External DNS Management is an environment to manage external DNS entries for a kubernetes cluster. A security vulnerability was discovered in Gardener's External DNS Management prior to version 0.23.6 that could allow a user with administrative privileges for a Gardener project or a user...

CVE-2025-47282 Malicious google credential in DNS secret can lead to privilege escalation

Gardener External DNS Management is an environment to manage external DNS entries for a kubernetes cluster. A security vulnerability was discovered in Gardener's External DNS Management prior to version 0.23.6 that could allow a user with administrative privileges for a Gardener project or a user...

CVE-2025-47282

CVE-2025-47282 affects Gardener External DNS Management (< 0.23.6) and, when enabled, the shoot-dns-service extension (= 0.23.6; for the extension, upgrade the shoot-dns-service extension beyond v1.60.0. If exploitation details are provided in the connected documents they are not included here...

External DNS Management 输入验证错误漏洞

External DNS Management is a Gardener open source environment for managing external DNS entries for kubernetes clusters. An input validation error vulnerability exists in External DNS Management versions prior to 0.23.6, which stems from malicious Google credentials in DNS and could lead to...

PT-2025-22064 · Unknown · Gardener External Dns Management +1

Name of the Vulnerable Software and Affected Versions: Gardener External DNS Management versions prior to 0.23.6 gardener/gardener-extension-shoot-dns-service extension versions = v1.60.0 Description: A security issue was discovered in Gardener's External DNS Management that could allow a user wi...