6 matches found
CVE-2025-47283
CVE-2025-47283 affects Gardener installations using the gardenlet component prior to versions 1.116.4, 1.117.5, 1.118.2, and 1.119.0. A user with administrative privileges for a Gardener project could gain control over the seed clusters managing their shoots. The issue is fixed in versions >= ...
The vulnerability of the gitRepo function in the Kubernetes cluster management software allows a attacker to influence the confidentiality and integrity of the protected information.
The vulnerability of the gitRepo function in the Kubernetes cluster management software is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to influence the confidentiality and integrity of the protected information...
The vulnerability of the GCP Provider component of the automated Kubernetes cluster management system software allows a attacker to increase their privileges.
The vulnerability of the GCP Provider component of the automated Kubernetes cluster management system software relates to permission handling errors. Exploiting this vulnerability could allow an attacker to enhance their privileges by using a container that operates within a cluster, through...
Gardener 访问控制错误漏洞
Gardener is an open source Kubernetes cluster management tool. The product supports managing, monitoring, and updating Kubernetes clusters. Gardener suffers from an Access Control Error vulnerability that allows an attacker to incorrectly access the application. Configuration is leaked via a /api...
The vulnerability of the kube-apiserver component, which is part of the Kubernetes cluster management software, allows a attacker to compromise data integrity and cause service failures.
The vulnerability of the kube-apiserver component, which is part of the Kubernetes cluster management software, is related to improper authentication. Exploiting this vulnerability allows a remote attacker to compromise data integrity and cause service failures...
The vulnerability of the Kubernetes cluster management software lies in insufficient validation of input data, allowing attackers to compromise the confidentiality and integrity of the protected information.
The vulnerability of the Kubernetes cluster management software exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality and integrity of the protected information...