
6 matches found

SUSE CVE
added 2025/05/27 1:10 a.m., 1 view

SUSE CVE-2025-47283

Gardener implements the automated management and operation of Kubernetes clusters as a service. A security vulnerability was discovered in Gardener prior to versions 1.116.4, 1.117.5, 1.118.2, and 1.119.0 that could allow a user with administrative privileges for a Gardener project to obtain...

CVSS 9.9, AI score 6.6, EPSS 0.00129
Exploits: 0, References: 3

SUSE CVE
added 2025/05/27 1:10 a.m., 0 views

SUSE CVE-2025-47284

Gardener implements the automated management and operation of Kubernetes clusters as a service. A security vulnerability was discovered in the gardenlet component of Gardener prior to versions 1.116.4, 1.117.5, 1.118.2, and 1.119.0. It could allow a user with administrative privileges for a...

CVSS 9.9, AI score 6.6, EPSS 0.00256
Exploits: 0, References: 3

Veracode
added 2025/05/21 5:11 a.m., 6 views

Privilege Escalation

github.com/gardener/gardener is vulnerable to a Privilege Escalation. The vulnerability is due to insufficient access control and trust boundary enforcement in the gardenlet component, which allowed project administrators to interact with or influence seed cluster resources beyond their intended...

CVSS 9.9, AI score 6.7, EPSS 0.00129
Exploits: 0, References: 6, Affected Software: 1

Snyk
added 2025/05/19 7:43 p.m., 1 view

Improper Neutralization

Overview: Affected versions of this package are vulnerable to Improper Neutralization via the gardenlet component. An attacker with administrative privileges for a Gardener project can escalate privileges and gain control over the seed clusters by injecting malicious metadata into a project secret...

CVSS 9.9, AI score 7.2, EPSS 0.00256
Exploits: 0, References: 2

OSV
added 2025/05/19 6:52 p.m., 3 views

CVE-2025-47284 Gardener vulnerable to metadata injection for a project secret that can lead to privilege escalation

Gardener implements the automated management and operation of Kubernetes clusters as a service. A security vulnerability was discovered in the gardenlet component of Gardener prior to versions 1.116.4, 1.117.5, 1.118.2, and 1.119.0. It could allow a user with administrative privileges for a...

CVSS 9.9, AI score 8.9, EPSS 0.00256
Exploits: 0, References: 3

OSV
added 2025/05/19 6:46 p.m., 3 views

CVE-2025-47283 Bypassing project secret validation can lead to privilege escalation

Gardener implements the automated management and operation of Kubernetes clusters as a service. A security vulnerability was discovered in Gardener prior to versions 1.116.4, 1.117.5, 1.118.2, and 1.119.0 that could allow a user with administrative privileges for a Gardener project to obtain...

CVSS 9.9, AI score 8.9, EPSS 0.00129
Exploits: 0, References: 7