GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
4 advisories
Gardener Extensions for multiple providers vulnerable to Terraform code injection
Critical
CVE-2025-59823
was published
for
github.com/gardener/gardener-extension-provider-aws
(Go)
Sep 25, 2025
Gardener allows metadata injection for a project secret which can lead to privilege escalation
Critical
CVE-2025-47284
was published
for
github.com/gardener/gardener
(Go)
May 19, 2025
Gardener allows bypassing project secret validation which can lead to privilege escalation
Critical
CVE-2025-47283
was published
for
github.com/gardener/gardener
(Go)
May 19, 2025
Gardener External DNS Management allows malicious google credential in DNS secret to lead to privilege escalation
Critical
CVE-2025-47282
was published
for
github.com/gardener/external-dns-management
(Go)
May 19, 2025
ProTip!
Advisories are also available from the
GraphQL API