Lucene search
K

4 matches found

OSV
OSV
added 2025/09/25 2:17 p.m.6 views

CVE-2025-59823 Gardener providers vulnerable to code injection when Terraformer is used for infrastructure provisioning

Project Gardener implements the automated management and operation of Kubernetes clusters as a service. Code injection may be possible in Gardener Extensions for AWS providers prior to version 1.64.0, Azure providers prior to version 1.55.0, OpenStack providers prior to version 1.49.0, and GCP...

9.9CVSS9AI score0.00477EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2025/05/27 1:10 a.m.2 views

SUSE CVE-2025-47284

Gardener implements the automated management and operation of Kubernetes clusters as a service. A security vulnerability was discovered in the gardenlet component of Gardener prior to versions 1.116.4, 1.117.5, 1.118.2, and 1.119.0. It could allow a user with administrative privileges for a...

9.9CVSS6.6AI score0.00374EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/21 7:3 p.m.7 views

CVE-2025-47283

Gardener implements the automated management and operation of Kubernetes clusters as a service. A security vulnerability was discovered in Gardener prior to versions 1.116.4, 1.117.5, 1.118.2, and 1.119.0 that could allow a user with administrative privileges for a Gardener project to obtain...

9.9CVSS6.9AI score0.00538EPSS
Exploits0References1
Snyk
Snyk
added 2025/05/19 7:15 p.m.1 views

Privilege Chaining

Overview Affected versions of this package are vulnerable to Privilege Chaining via the project secret validation process. An attacker can escalate privileges and potentially gain control over seed clusters by bypassing the intended security restrictions. Remediation Upgrade...

9.9CVSS7.3AI score0.00538EPSS
Exploits0References3
Rows per page
Query Builder