CVE-2018-2475
The CVE describes a Gardener-specific issue where the Kubernetes apiserver of a shoot cluster resides in the seed cluster, and due to missing network isolation the shoot’s apiserver can access services in the seed’s private network. This could, in theory, enable compromise of other shoot or seed ...