41 matches found
GHSA-X4MJ-7F9G-29H4 vulnerabilities
Vulnerabilities for packages: external-dns-fips, k8sgateway-fips, k8sgateway, external-dns...
GHSA-X4MJ-7F9G-29H4 vulnerabilities
Vulnerabilities for packages: external-dns, k8sgateway...
CVE-2026-41246 vulnerabilities
Vulnerabilities for packages: external-dns, k8sgateway...
CVE-2026-41246 vulnerabilities
Vulnerabilities for packages: external-dns-fips, k8sgateway-fips, k8sgateway, external-dns...
CLEANSTART-2026-HA09227 Security fixes for CVE-2025-47911, CVE-2025-47913, CVE-2025-47914, CVE-2025-58181, CVE-2025-58190, CVE-2025-61726, CVE-2025-61727, CVE-2025-61728, CVE-2025-61729, CVE-2025-61730, CVE-2025-61732, CVE-2025-68121, CVE-2026-25679, CVE-2026-27137, CVE-2026-27138, CVE-2026-27139, CVE-2026-27141, CVE-2026-27142, CVE-2026-33186, ghsa-f6x5-jh6r-wrfv, ghsa-j5w8-q4qc-rx2x applied in versions: 0.18.0-r0, 0.18.0-r1
Multiple security vulnerabilities affect the external-dns package. These issues are resolved in later releases. See references for individual vulnerability details...
CVE-2026-25679 vulnerabilities
Vulnerabilities for packages: cluster-api-ipam-provider-in-cluster, minc-fips, pgwatch, jobset-fips, kube-logging-operator, kubernetes-ingress-defaultbackend-fips, apache-exporter, nri-mongodb, cluster-api-provider-vsphere, yunikorn-k8shim, json-exporter-fips, prometheus-stackdriver-exporter,...
GHSA-J4J7-VW47-RHFQ vulnerabilities
Vulnerabilities for packages: pgwatch, jobset-fips, apache-exporter, cluster-api-provider-vsphere, yunikorn-k8shim, json-exporter-fips, prometheus-stackdriver-exporter, docker-compose-fips, boring-registry, gitlab-operator, kubernetes-csi-external-resizer-fips, thanos-receive-controller,...
CLEANSTART-2026-ER42900 ParseAddress function constructs domain-literal address components through repeated string concatenation
Multiple security vulnerabilities affect the external-dns-fips package. The ParseAddress function constructs domain-literal address components through repeated string concatenation. See references for individual vulnerability details...
CVE-2025-13147 External Service Interaction (DNS)
Server-Side Request Forgery SSRF vulnerability in Progress MOVEit Transfer.This issue affects MOVEit Transfer: before 2024.1.8, from 2025.0.0 before 2025.0.4...
FreeBSD : zeek -- information leak vulnerability (50fd6a75-0587-4987-bef2-bb933cd78ea1)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 50fd6a75-0587-4987-bef2-bb933cd78ea1 advisory. Tim Wojtulewicz of Corelight reports: The KRB analyzer can leak information about hosts in analyzed...
SUSE CVE-2025-47282
Gardener External DNS Management is an environment to manage external DNS entries for a kubernetes cluster. A security vulnerability was discovered in Gardener's External DNS Management prior to version 0.23.6 that could allow a user with administrative privileges for a Gardener project or a user...
GO-2025-3697 Gardener External DNS Management allows malicious google credential in DNS secret to lead to privilege escalation in github.com/gardener/external-dns-management
Gardener External DNS Management allows malicious google credential in DNS secret to lead to privilege escalation in github.com/gardener/external-dns-management...
CVE-2025-47282
Gardener External DNS Management is an environment to manage external DNS entries for a kubernetes cluster. A security vulnerability was discovered in Gardener's External DNS Management prior to version 0.23.6 that could allow a user with administrative privileges for a Gardener project or a user...
Privilege Escalation
github.com/gardener/external-dns-management is vulnerable to a privilege escalation. The vulnerability is due to insufficient isolation and access control between shoot clusters and the seed cluster in the external-dns-management component, which allows an attacker with admin access to a shoot...
GHSA-XWGG-M7FX-83WX Gardener External DNS Management allows malicious google credential in DNS secret to lead to privilege escalation
A security vulnerability was discovered in Gardener that could allow a user with administrative privileges for a Gardener project or a user with administrative privileges for a shoot cluster, including administrative privileges for a single namespace of the shoot cluster, to obtain control over t...
CVE-2025-47282
Gardener External DNS Management is an environment to manage external DNS entries for a kubernetes cluster. A security vulnerability was discovered in Gardener's External DNS Management prior to version 0.23.6 that could allow a user with administrative privileges for a Gardener project or a user...
CVE-2025-47282 Malicious google credential in DNS secret can lead to privilege escalation
Gardener External DNS Management is an environment to manage external DNS entries for a kubernetes cluster. A security vulnerability was discovered in Gardener's External DNS Management prior to version 0.23.6 that could allow a user with administrative privileges for a Gardener project or a user...
CVE-2025-47282 Malicious google credential in DNS secret can lead to privilege escalation
Gardener External DNS Management is an environment to manage external DNS entries for a kubernetes cluster. A security vulnerability was discovered in Gardener's External DNS Management prior to version 0.23.6 that could allow a user with administrative privileges for a Gardener project or a user...
CVE-2025-47282
CVE-2025-47282 affects Gardener External DNS Management (< 0.23.6) and, when enabled, the shoot-dns-service extension (= 0.23.6; for the extension, upgrade the shoot-dns-service extension beyond v1.60.0. If exploitation details are provided in the connected documents they are not included here...
External DNS Management 输入验证错误漏洞
External DNS Management is a Gardener open source environment for managing external DNS entries for kubernetes clusters. An input validation error vulnerability exists in External DNS Management versions prior to 0.23.6, which stems from malicious Google credentials in DNS and could lead to...