GHSA-xwgg-m7fx-83wx

Source
https://github.com/advisories/GHSA-xwgg-m7fx-83wx
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2025/05/GHSA-xwgg-m7fx-83wx/GHSA-xwgg-m7fx-83wx.json
JSON Data
https://api.osv.dev/v1/vulns/GHSA-xwgg-m7fx-83wx
Aliases
Published
2025-05-19T19:12:48Z
Modified
2025-05-23T16:13:17.817202Z
Severity
  • 9.9 (Critical) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Summary
Gardener External DNS Management allows malicious google credential in DNS secret to lead to privilege escalation
Details

A security vulnerability was discovered in Gardener that could allow a user with administrative privileges for a Gardener project or a user with administrative privileges for a shoot cluster, including administrative privileges for a single namespace of the shoot cluster, to obtain control over the seed cluster where the shoot cluster is managed.

Am I Vulnerable?

This CVE affects all Gardener installations, regardless of the public cloud provider(s) used for the seed clusters and shoot clusters.

Affected Components

  • gardener/external-dns-management

Affected Versions

  • < 0.23.6

Fixed Versions

  • >= 0.23.6

Important

The external-dns-management component may also be deployed on the seeds by the https://github.com/gardener/gardener-extension-shoot-dns-service extension when the extension is enabled. In this case, all versions of the shoot-dns-service extension <= v1.60.0 are affected by this vulnerability.

How do I mitigate this vulnerability?

Update to a fixed version.

Database specific
{
    "nvd_published_at": "2025-05-19T18:15:30Z",
    "cwe_ids": [
        "CWE-20",
        "CWE-269"
    ],
    "severity": "CRITICAL",
    "github_reviewed": true,
    "github_reviewed_at": "2025-05-19T19:12:48Z"
}
References

Affected packages

Go / github.com/gardener/external-dns-management

Package

Name
github.com/gardener/external-dns-management
Purl
pkg:golang/github.com/gardener/external-dns-management

Affected ranges

Type
SEMVER
Events
Introduced
0 (unknown introduced version; all previous versions are affected)
Fixed
0.23.6

Go / github.com/gardener/gardener-extension-shoot-dns-service

Package

Name
github.com/gardener/gardener-extension-shoot-dns-service
Purl
pkg:golang/github.com/gardener/gardener-extension-shoot-dns-service

Affected ranges

Type
SEMVER
Events
Introduced
0 (unknown introduced version; all previous versions are affected)
Last affected
1.6.0