Vulnerability Details CVE-2025-47284
Gardener implements the automated management and operation of Kubernetes clusters as a service. A security vulnerability was discovered in the `gardenlet` component of Gardener prior to versions 1.116.4, 1.117.5, 1.118.2, and 1.119.0. It could allow a user with administrative privileges for a Gardener project to obtain control over the seed cluster(s) where their shoot clusters are managed. This CVE affects all Gardener installations where gardener/gardener-extension-provider-gcp is in use. Versions 1.116.4, 1.117.5, 1.118.2, and 1.119.0 fix the issue.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 18.2%
CVSS Severity
CVSS v3 Score 9.9
Products affected by CVE-2025-47284
-
cpe:2.3:a:gardener:gardener:0.1.0
-
cpe:2.3:a:gardener:gardener:0.1.1
-
cpe:2.3:a:gardener:gardener:0.10.0
-
cpe:2.3:a:gardener:gardener:0.10.1
-
cpe:2.3:a:gardener:gardener:0.10.2
-
cpe:2.3:a:gardener:gardener:0.11.0
-
cpe:2.3:a:gardener:gardener:0.11.1
-
cpe:2.3:a:gardener:gardener:0.12.0
-
cpe:2.3:a:gardener:gardener:0.12.1
-
cpe:2.3:a:gardener:gardener:0.12.2
-
cpe:2.3:a:gardener:gardener:0.12.3
-
cpe:2.3:a:gardener:gardener:0.12.4
-
cpe:2.3:a:gardener:gardener:0.13.0
-
cpe:2.3:a:gardener:gardener:0.13.1
-
cpe:2.3:a:gardener:gardener:0.13.2
-
cpe:2.3:a:gardener:gardener:0.13.3
-
cpe:2.3:a:gardener:gardener:0.13.4
-
cpe:2.3:a:gardener:gardener:0.13.5
-
cpe:2.3:a:gardener:gardener:0.14.0
-
cpe:2.3:a:gardener:gardener:0.14.1
-
cpe:2.3:a:gardener:gardener:0.14.2
-
cpe:2.3:a:gardener:gardener:0.14.3
-
cpe:2.3:a:gardener:gardener:0.15.0
-
cpe:2.3:a:gardener:gardener:0.15.1
-
cpe:2.3:a:gardener:gardener:0.15.2
-
cpe:2.3:a:gardener:gardener:0.16.0
-
cpe:2.3:a:gardener:gardener:0.17.0
-
cpe:2.3:a:gardener:gardener:0.17.1
-
cpe:2.3:a:gardener:gardener:0.17.2
-
cpe:2.3:a:gardener:gardener:0.17.3
-
cpe:2.3:a:gardener:gardener:0.17.4
-
cpe:2.3:a:gardener:gardener:0.18.0
-
cpe:2.3:a:gardener:gardener:0.18.1
-
cpe:2.3:a:gardener:gardener:0.18.2
-
cpe:2.3:a:gardener:gardener:0.19.0
-
cpe:2.3:a:gardener:gardener:0.19.1
-
cpe:2.3:a:gardener:gardener:0.2.0
-
cpe:2.3:a:gardener:gardener:0.20.0
-
cpe:2.3:a:gardener:gardener:0.20.1
-
cpe:2.3:a:gardener:gardener:0.20.2
-
cpe:2.3:a:gardener:gardener:0.21.0
-
cpe:2.3:a:gardener:gardener:0.21.1
-
cpe:2.3:a:gardener:gardener:0.21.2
-
cpe:2.3:a:gardener:gardener:0.22.0
-
cpe:2.3:a:gardener:gardener:0.23.0
-
cpe:2.3:a:gardener:gardener:0.24.0
-
cpe:2.3:a:gardener:gardener:0.25.0
-
cpe:2.3:a:gardener:gardener:0.26.0
-
cpe:2.3:a:gardener:gardener:0.26.1
-
cpe:2.3:a:gardener:gardener:0.26.2
-
cpe:2.3:a:gardener:gardener:0.26.3
-
cpe:2.3:a:gardener:gardener:0.26.4
-
cpe:2.3:a:gardener:gardener:0.27.0
-
cpe:2.3:a:gardener:gardener:0.27.1
-
cpe:2.3:a:gardener:gardener:0.27.2
-
cpe:2.3:a:gardener:gardener:0.27.3
-
cpe:2.3:a:gardener:gardener:0.27.4
-
cpe:2.3:a:gardener:gardener:0.27.5
-
cpe:2.3:a:gardener:gardener:0.27.6
-
cpe:2.3:a:gardener:gardener:0.28.0
-
cpe:2.3:a:gardener:gardener:0.29.0
-
cpe:2.3:a:gardener:gardener:0.29.1
-
cpe:2.3:a:gardener:gardener:0.29.2
-
cpe:2.3:a:gardener:gardener:0.3.0
-
cpe:2.3:a:gardener:gardener:0.3.1
-
cpe:2.3:a:gardener:gardener:0.3.2
-
cpe:2.3:a:gardener:gardener:0.3.3
-
cpe:2.3:a:gardener:gardener:0.30.0
-
cpe:2.3:a:gardener:gardener:0.30.1
-
cpe:2.3:a:gardener:gardener:0.30.2
-
cpe:2.3:a:gardener:gardener:0.30.3
-
cpe:2.3:a:gardener:gardener:0.30.4
-
cpe:2.3:a:gardener:gardener:0.30.5
-
cpe:2.3:a:gardener:gardener:0.31.0
-
cpe:2.3:a:gardener:gardener:0.31.1
-
cpe:2.3:a:gardener:gardener:0.31.2
-
cpe:2.3:a:gardener:gardener:0.4.0
-
cpe:2.3:a:gardener:gardener:0.5.0
-
cpe:2.3:a:gardener:gardener:0.5.1
-
cpe:2.3:a:gardener:gardener:0.6.0
-
cpe:2.3:a:gardener:gardener:0.6.1
-
cpe:2.3:a:gardener:gardener:0.7.0
-
cpe:2.3:a:gardener:gardener:0.7.1
-
cpe:2.3:a:gardener:gardener:0.8.0
-
cpe:2.3:a:gardener:gardener:0.8.1
-
cpe:2.3:a:gardener:gardener:0.9.0
-
cpe:2.3:a:gardener:gardener:0.9.1
-
cpe:2.3:a:gardener:gardener:1.117.0
-
cpe:2.3:a:gardener:gardener:1.118.0