Skip to content

Commit f9e8d7e

Browse files
advisory-database[bot]advisory-database[bot]
committed
1 parent 9aa4b5f commit f9e8d7e

File tree

1 file changed

+7
-3
lines changed

1 file changed

+7
-3
lines changed

advisories/github-reviewed/2025/12/GHSA-fw33-qpx7-rhx2/GHSA-fw33-qpx7-rhx2.json

Lines changed: 7 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,12 +1,12 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-fw33-qpx7-rhx2",
4-
"modified": "2025-12-11T16:48:48Z",
4+
"modified": "2025-12-12T15:59:13Z",
55
"published": "2025-12-11T16:48:48Z",
66
"aliases": [
77
"CVE-2025-67508"
88
],
9-
"summary": "Vulnerability discovered in gardenctl versions < v2.12.0",
9+
"summary": "gardenctl is vulnerable to Command Injection when used with non‑POSIX shells",
1010
"details": "A security vulnerability was discovered for [gardenctl](https://github.com/gardener/gardenctl-v2) when it is used with non‑POSIX shells such as **[Fish](https://fishshell.com/)** and **[PowerShell](https://learn.microsoft.com/en-us/powershell/)**. Such setup could allow an attacker with administrative privileges for a Gardener project to craft malicious credential values in infrastructure Secret objects that break out of the intended string context when evaluated in Fish or PowerShell environments used by the Gardener service operators, leading to arbitrary command execution on the operator's device.\n\n**Am I vulnerable?**\nThis CVE affects all Gardener operators who use **gardenctl < v2.12.0** with non‑POSIX shells such as **[Fish](https://fishshell.com/)** and **[PowerShell](https://learn.microsoft.com/en-us/powershell/)**.",
1111
"severity": [
1212
{
@@ -40,6 +40,10 @@
4040
"type": "WEB",
4141
"url": "https://github.com/gardener/gardenctl-v2/security/advisories/GHSA-fw33-qpx7-rhx2"
4242
},
43+
{
44+
"type": "ADVISORY",
45+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-67508"
46+
},
4347
{
4448
"type": "PACKAGE",
4549
"url": "https://github.com/gardener/gardenctl-v2"
@@ -52,6 +56,6 @@
5256
"severity": "HIGH",
5357
"github_reviewed": true,
5458
"github_reviewed_at": "2025-12-11T16:48:48Z",
55-
"nvd_published_at": null
59+
"nvd_published_at": "2025-12-12T06:15:40Z"
5660
}
5761
}

0 commit comments

Comments
 (0)