Go modules package
github.com/cert-manager/cert-manager
pkg:golang/github.com/cert-manager/cert-manager
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-25518 | — | >= 1.18.0, < 1.18.5 | 1.18.5 | Feb 4, 2026 | cert-manager adds certificates and certificate issuers as resource types in Kubernetes clusters, and simplifies the process of obtaining, renewing and using those certificates. In versions from 1.18.0 to before 1.18.5 and from 1.19.0 to before 1.19.3, the cert-manager-controller | ||
| CVE-2024-12401 | Med | 4.4 | < 1.12.14 | 1.12.14 | Dec 12, 2024 | A flaw was found in the cert-manager package. This flaw allows an attacker who can modify PEM data that the cert-manager reads, for example, in a Secret resource, to use large amounts of CPU in the cert-manager controller pod to effectively create a denial-of-service (DoS) vector |
- CVE-2026-25518Feb 4, 2026affected >= 1.18.0, < 1.18.5fixed 1.18.5
cert-manager adds certificates and certificate issuers as resource types in Kubernetes clusters, and simplifies the process of obtaining, renewing and using those certificates. In versions from 1.18.0 to before 1.18.5 and from 1.19.0 to before 1.19.3, the cert-manager-controller
- affected < 1.12.14fixed 1.12.14
A flaw was found in the cert-manager package. This flaw allows an attacker who can modify PEM data that the cert-manager reads, for example, in a Secret resource, to use large amounts of CPU in the cert-manager controller pod to effectively create a denial-of-service (DoS) vector