
12 matches found

SUSE CVE
added 2025/05/27 1:10 a.m. | 1 view

SUSE CVE-2025-47283

Gardener implements the automated management and operation of Kubernetes clusters as a service. A security vulnerability was discovered in Gardener prior to versions 1.116.4, 1.117.5, 1.118.2, and 1.119.0 that could allow a user with administrative privileges for a Gardener project to obtain...

CVSS 9.9 | AI score 6.6 | EPSS 0.00129
Exploits: 0 | References: 3

SUSE CVE
added 2025/05/27 1:10 a.m. | 0 views

SUSE CVE-2025-47284

Gardener implements the automated management and operation of Kubernetes clusters as a service. A security vulnerability was discovered in the gardenlet component of Gardener prior to versions 1.116.4, 1.117.5, 1.118.2, and 1.119.0. It could allow a user with administrative privileges for a...

CVSS 9.9 | AI score 6.6 | EPSS 0.00256
Exploits: 0 | References: 3

Veracode
added 2025/05/22 7:30 a.m. | 8 views

Privilege Escalation

github.com/gardener/gardener is vulnerable to Privilege Escalation. The vulnerability is due to improper authorization checks due to the gardenlet component allowing project administrators to gain control over seed clusters managing their shoot clusters in environments using...

CVSS 9.9 | AI score 6.6 | EPSS 0.00256
Exploits: 0 | References: 1 | Affected Software: 1

Snyk
added 2025/05/19 7:43 p.m. | 1 view

Improper Neutralization

Overview: Affected versions of this package are vulnerable to Improper Neutralization via the gardenlet component. An attacker with administrative privileges for a Gardener project can escalate privileges and gain control over the seed clusters by injecting malicious metadata into a project secret...

CVSS 9.9 | AI score 7.2 | EPSS 0.00256
Exploits: 0 | References: 2

NVD
added 2025/05/19 7:15 p.m. | 8 views

CVE-2025-47284

Gardener implements the automated management and operation of Kubernetes clusters as a service. A security vulnerability was discovered in the gardenlet component of Gardener prior to versions 1.116.4, 1.117.5, 1.118.2, and 1.119.0. It could allow a user with administrative privileges for a...

CVSS 9.9 | EPSS 0.00256
Exploits: 0 | References: 1

Snyk
added 2025/05/19 7:15 p.m. | 2 views

Privilege Chaining

Overview: Affected versions of this package are vulnerable to Privilege Chaining via the project secret validation process. An attacker can escalate privileges and potentially gain control over seed clusters by bypassing the intended security restrictions. Remediation: Upgrade...

CVSS 9.9 | AI score 7.3 | EPSS 0.00129
Exploits: 0 | References: 3

OSV
added 2025/05/19 6:52 p.m. | 1 view

CVE-2025-47284 Gardener vulnerable to metadata injection for a project secret that can lead to privilege escalation

Gardener implements the automated management and operation of Kubernetes clusters as a service. A security vulnerability was discovered in the gardenlet component of Gardener prior to versions 1.116.4, 1.117.5, 1.118.2, and 1.119.0. It could allow a user with administrative privileges for a...

CVSS 9.9 | AI score 8.9 | EPSS 0.00256
Exploits: 0 | References: 3

OSV
added 2025/05/19 6:46 p.m. | 2 views

CVE-2025-47283 Bypassing project secret validation can lead to privilege escalation

Gardener implements the automated management and operation of Kubernetes clusters as a service. A security vulnerability was discovered in Gardener prior to versions 1.116.4, 1.117.5, 1.118.2, and 1.119.0 that could allow a user with administrative privileges for a Gardener project to obtain...

CVSS 9.9 | AI score 8.9 | EPSS 0.00129
Exploits: 0 | References: 7

NVD
added 2025/05/19 6:15 p.m. | 10 views

CVE-2025-47282

Gardener External DNS Management is an environment to manage external DNS entries for a kubernetes cluster. A security vulnerability was discovered in Gardener's External DNS Management prior to version 0.23.6 that could allow a user with administrative privileges for a Gardener project or a user...

CVSS 9.9 | EPSS 0.00284
Exploits: 0 | References: 1

Positive Technologies
added 2025/05/19 12:0 a.m. | 2 views

PT-2025-22081 · Gardener · Gardener

Name of the Vulnerable Software and Affected Versions: Gardener versions prior to 1.116.4; Gardener versions prior to 1.117.5; Gardener versions prior to 1.118.2; Gardener versions prior to 1.119.0. Description: A security issue was discovered in the gardenlet component of Gardener. This issue could...

CVSS 9.9 | AI score 9.3 | EPSS 0.00256
Exploits: 0 | References: 9

Positive Technologies
added 2025/05/19 12:0 a.m. | 2 views

PT-2025-22074

Name of the Vulnerable Software and Affected Versions: Gardener versions prior to 1.116.4; Gardener versions prior to 1.117.5; Gardener versions prior to 1.118.2; Gardener versions prior to 1.119.0. Description: A security issue was discovered in Gardener that could allow a user with administrative...

CVSS 9.9 | AI score 8.1 | EPSS 0.00129
Exploits: 0 | References: 16

Cvelist
added 2019/06/05 6:44 p.m. | 9 views

CVE-2019-12494

In Gardener before 0.20.0, incorrect access control in seed clusters allows information disclosure by sending HTTP GET requests from one's own shoot clusters to foreign shoot clusters. This occurs because traffic from shoot to seed via the VPN endpoint is not blocked...

CVSS 8.5 | AI score 8 | EPSS 0.00296
Exploits: 0 | References: 3