Skip to main content

Gardener

4 CVEs product

Monthly

CVE-2025-47284 Go CRITICAL PATCH This Week

Gardener implements the automated management and operation of Kubernetes clusters as a service. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Kubernetes Gardener Suse
NVD GitHub
CVSS 3.1
9.9
EPSS
0.3%
CVE-2025-47283 Go CRITICAL PATCH This Week

Gardener implements the automated management and operation of Kubernetes clusters as a service. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Kubernetes Gardener Suse
NVD GitHub
CVSS 3.1
9.9
EPSS
0.1%
CVE-2019-12494 HIGH This Week

In Gardener before 0.20.0, incorrect access control in seed clusters allows information disclosure by sending HTTP GET requests from one's own shoot clusters to foreign shoot clusters. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Gardener
NVD GitHub
CVSS 3.0
7.5
EPSS
1.9%
CVE-2018-2475 HIGH This Week

Following the Gardener architecture, the Kubernetes apiserver of a Gardener managed shoot cluster resides in the corresponding seed cluster. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Kubernetes Gardener
NVD
CVSS 3.0
8.5
EPSS
1.3%
EPSS 0% CVSS 9.9
CRITICAL PATCH This Week

Gardener implements the automated management and operation of Kubernetes clusters as a service. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Kubernetes Gardener +1
NVD GitHub
EPSS 0% CVSS 9.9
CRITICAL PATCH This Week

Gardener implements the automated management and operation of Kubernetes clusters as a service. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Kubernetes Gardener +1
NVD GitHub
EPSS 2% CVSS 7.5
HIGH This Week

In Gardener before 0.20.0, incorrect access control in seed clusters allows information disclosure by sending HTTP GET requests from one's own shoot clusters to foreign shoot clusters. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Gardener
NVD GitHub
EPSS 1% CVSS 8.5
HIGH This Week

Following the Gardener architecture, the Kubernetes apiserver of a Gardener managed shoot cluster resides in the corresponding seed cluster. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Kubernetes Gardener
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy