CVE-2019-12494
CVE-2019-12494 affects Gardener before 0.20.0. The root cause is incorrect access control in seed clusters: traffic from shoot to seed via the VPN endpoint is not blocked, allowing information disclosure by sending HTTP GET requests from one shoot cluster to foreign shoot clusters. This is descri...