Github.Com Cert-Manager Cert-Manager vulnerabilities
2 known vulnerabilities affecting github.com/cert-manager_cert-manager.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2026-25518MEDIUM≥ 1.18.0, < 1.18.5≥ 1.19.0, < 1.19.32026-02-02
CVE-2026-25518 [MEDIUM] CWE-129 cert-manager-controller DoS via Specially Crafted DNS Response
cert-manager-controller DoS via Specially Crafted DNS Response
### Impact
The cert-manager-controller performs DNS lookups during ACME DNS-01 processing (for zone discovery and propagation self-checks). By default, these lookups use standard unencrypted DNS.
An attacker who can intercept and modify DNS traffic from the cert-manager-controller pod can insert a crafted entry into cert-manager's DNS ca
ghsaosv
CVE-2024-12401MEDIUM≥ 0, < 1.12.14≥ 1.13.0-alpha.0, < 1.15.4+1 more2024-12-12
CVE-2024-12401 [MEDIUM] CWE-20 Duplicate Advisory: cert-manager ha a potential slowdown / DoS when parsing specially crafted PEM inputs
Duplicate Advisory: cert-manager ha a potential slowdown / DoS when parsing specially crafted PEM inputs
# Duplicate Advisory
This advisory has been withdrawn because it is a duplicate of GHSA-r4pg-vg54-wxx4. This link is maintained to preserve external references.
# Original Description
A flaw was found in the cert-manager package. This flaw allows an attac
ghsaosv