GHSA-w7r3-mgwf-4mqq
Suggest an improvement- Source
- https://github.com/advisories/GHSA-w7r3-mgwf-4mqq
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2025/09/GHSA-w7r3-mgwf-4mqq/GHSA-w7r3-mgwf-4mqq.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/GHSA-w7r3-mgwf-4mqq
- Aliases
-
- CVE-2025-9708
- Published
- 2025-09-17T00:31:11Z
- Modified
- 2025-09-17T20:12:33.608632Z
- Severity
-
- 6.8 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N CVSS Calculator
- Summary
- Kubernetes C# client accepts certificates from any CA without properly verifying the trust chain
- Details
-
A vulnerability exists in the Kubernetes C# client where the certificate validation logic accepts properly constructed certificates from any Certificate Authority (CA) without properly verifying the trust chain. This flaw allows a malicious actor to present a forged certificate and potentially intercept or manipulate communication with the Kubernetes API server, leading to possible man-in-the-middle attacks and API impersonation.
- Database specific
{ "nvd_published_at": "2025-09-16T22:15:33Z", "cwe_ids": [ "CWE-295" ], "github_reviewed_at": "2025-09-17T19:07:53Z", "severity": "MODERATE", "github_reviewed": true }- References
Affected packages
NuGet / KubernetesClient
Package
- Name
- KubernetesClient
- View open source insights on deps.dev
- Purl
- pkg:nuget/KubernetesClient
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed17.0.14
Affected versions
0.*
0.1.0-beta
0.2.0-beta
0.3.0-beta
0.4.0-beta
0.5.0-beta
0.6.0-beta
0.7.0-beta
0.7.0-beta-g6728505e34
0.8.0-beta
0.8.0-beta-g307c77bf04
1.*
1.0.0-g86abfc1b7c
1.0.0-g9253eeb2eb
1.0.0-ge6c1177471
1.0.0
1.1.0-g49bb82b15d
1.1.0-g6e0aec994e
1.1.0-g6eb5555145
1.1.0-g7723604b7e
1.1.0-ga358cb9afd
1.1.0-gbc1cb6205c
1.1.0-gc1543b527e
1.1.0-gf488d54ce7
1.1.10-gbb11e5f5ce
1.1.11-g3f69820739
1.1.12-gd01446718d
1.1.13-g8c3152af97
1.1.14-gdae6d62cba
1.2.0
1.2.1-gaec5c99162
1.2.2-gac99f43c84
1.2.3-g3551f03258
1.2.4-g722d4e09d3
1.2.5-g397a582ff0
1.2.6-g3cee7fbd93
1.2.7-g09a8c8773a
1.2.8-g9372e3291f
1.3.1-gdf3381607a
1.3.2-g99dc2f7aaf
1.3.3-g25523d1985
1.3.4-gaa1c880301
1.3.5-g0b1669d5a5
1.3.6-g355d4a3927
1.3.7-g7c9cc88d38
1.3.8-g6bc54a68c4
1.3.9-gb7f79c924f
1.4.1-g1600e44b00
1.4.1-g7e907d7c6f
1.4.2-g05273b7db7
1.4.3-g29b066286f
1.4.4-g972699bc71
1.4.5-g588807fb44
1.4.7-g4d193e4c1c
1.4.8-g9bbe42201f
1.4.9-g9f1669b0cb
1.4.11-g406df57f9d
1.4.12-ge95e01c6e9
1.4.13-g948d78c1bd
1.4.14-g5422eb0bcc
1.5.1-g60ffd20a7c
1.5.2
1.5.3
1.5.4
1.5.5
1.5.6
1.5.7
1.5.8
1.5.9
1.5.10
1.5.11
1.5.12
1.5.13
1.5.14
1.5.16
1.5.17
1.5.18
1.5.19
1.5.25
1.5.26
1.5.27
1.5.28
1.6.1
1.6.2
1.6.3
1.6.4
1.6.5
1.6.6
1.6.7
1.6.8
1.6.9
1.6.10
1.6.11
1.6.12
1.6.13-gfa515869e2
1.6.14-gba9755b626
1.6.15-ge11cc58e56
1.6.16-gb07e78afa4
1.6.17-g435ab5cd15
1.6.18-g0468a66de4
1.6.19-g7749ae07c8
1.6.20-gc8de0ca263
1.6.20
1.6.21
1.6.22
1.6.23
1.6.24
1.6.25
1.6.27
1.6.28
1.6.29
1.6.30
1.6.31
1.6.32
1.6.33
1.6.34
1.6.35
2.*
2.0.1
2.0.2
2.0.3
2.0.5
2.0.6
2.0.7
2.0.8
2.0.9
2.0.10
2.0.11
2.0.12
2.0.13
2.0.14
2.0.15
2.0.16
2.0.17
2.0.18
2.0.19
2.0.20
2.0.21
2.0.22
2.0.25
2.0.26
2.0.27
2.0.28
2.0.29
2.0.30
2.0.31
2.0.32
2.0.33
2.0.34
3.*
3.0.1
3.0.2
3.0.3
3.0.4
3.0.5
3.0.6
3.0.7
3.0.8
3.0.11
3.0.12
3.0.13
3.0.14
3.0.15
3.0.16
4.*
4.0.1
4.0.2
4.0.3
4.0.4
4.0.5
4.0.7
4.0.8
4.0.9
4.0.10
4.0.11
4.0.12
4.0.13
4.0.14
4.0.15
4.0.16
4.0.19
4.0.20
4.0.21
4.0.22
4.0.23
4.0.24
4.0.25
4.0.26
5.*
5.0.1
5.0.2
5.0.3
5.0.4
5.0.5
5.0.6
5.0.7
5.0.8
5.0.9
5.0.10
5.0.11
5.0.12
5.0.13
5.0.15
5.0.16
5.0.17
5.0.18
5.0.19
5.0.20
6.*
6.0.1
6.0.2
6.0.3
6.0.4
6.0.5
6.0.6
6.0.7
6.0.8
6.0.9
6.0.10
6.0.11
6.0.12
6.0.13
6.0.14
6.0.15
6.0.16
6.0.17
6.0.18
6.0.19
6.0.20
6.0.21
6.0.22
6.0.23
6.0.24
6.0.25
6.0.26
7.*
7.0.1
7.0.2
7.0.3
7.0.4
7.0.5
7.0.6
7.0.7
7.0.8
7.0.9
7.0.10
7.0.11
7.0.12
7.0.13
7.0.14
7.0.15
7.1.3-g341580fb9b
7.1.9
7.2.7
7.2.8
7.2.10
7.2.15
7.2.19
8.*
8.0.4
8.0.6
8.0.8
8.0.12
8.0.68
9.*
9.0.25
9.0.28
9.0.37
9.0.38
9.1.3
10.*
10.0.1
10.0.16
10.0.27
10.0.31
10.1.4
10.1.19
11.*
11.0.9
11.0.21
11.0.36
11.0.44
12.*
12.0.16
12.1.1
13.*
13.0.1
13.0.11
13.0.26
13.0.37
14.*
14.0.2
14.0.9
14.0.12
15.*
15.0.1
16.*
16.0.1
16.0.2
16.0.7
17.*
17.0.4