Lucene search
K

8 matches found

OSV
OSV
added 2025/09/12 11:42 a.m.4 views

BIT-KYVERNO-2023-47630 Attacker can cause Kyverno user to unintentionally consume insecure image

Kyverno is a policy engine designed for Kubernetes. An issue was found in Kyverno that allowed an attacker to control the digest of images used by Kyverno users. The issue would require the attacker to compromise the registry that the Kyverno users fetch their images from. The attacker could then...

7.1CVSS6.9AI score0.00261EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 4:55 a.m.12 views

CVE-2023-42814

Kyverno is a policy engine designed for Kubernetes. A security vulnerability was found in Kyverno where an attacker could cause denial of service of Kyverno. The vulnerable component in Kyvernos Notary verifier. An attacker would need control over the registry from which Kyverno would fetch...

5.3CVSS6.8AI score0.00671EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:51 a.m.4 views

CVE-2023-33191

Kyverno is a policy engine designed for Kubernetes. Kyverno seccomp control can be circumvented. Users of the podSecurity validate.podSecurity subrule in Kyverno 1.9.2 and 1.9.3 are vulnerable. This issue was patched in version 1.9.4...

8.8CVSS6.8AI score0.00485EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:8 a.m.8 views

CVE-2023-47630

Kyverno is a policy engine designed for Kubernetes. An issue was found in Kyverno that allowed an attacker to control the digest of images used by Kyverno users. The issue would require the attacker to compromise the registry that the Kyverno users fetch their images from. The attacker could then...

7.1CVSS7AI score0.00261EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/04/30 12:0 a.m.4 views

Kyverno 安全漏洞

Kyverno is a policy engine designed for Kubernetes that is open sourced by Kyverno. A security vulnerability exists in Kyverno versions prior to 1.14.0 that stems from mishandling of namespace selector errors, which could lead to bypassing security policies...

8.5CVSS6.3AI score0.00618EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2023/11/16 1:54 a.m.2 views

SUSE CVE-2023-47630

Kyverno is a policy engine designed for Kubernetes. An issue was found in Kyverno that allowed an attacker to control the digest of images used by Kyverno users. The issue would require the attacker to compromise the registry that the Kyverno users fetch their images from. The attacker could then...

7.1CVSS7AI score0.00261EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/11/13 12:0 a.m.6 views

Kyverno security breach

Kyverno is a policy engine for Kubernetes open-sourced by Kyverno. A security vulnerability exists in versions prior to Kyverno v1.11.0. An attacker exploited the vulnerability to cause a denial of service on the system...

6.1CVSS6.5AI score0.00457EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/05/30 6:6 a.m.7 views

CVE-2023-33191 kyverno seccomp control can be circumvented

Kyverno is a policy engine designed for Kubernetes. Kyverno seccomp control can be circumvented. Users of the podSecurity validate.podSecurity subrule in Kyverno 1.9.2 and 1.9.3 are vulnerable. This issue was patched in version 1.9.4...

4.6CVSS8.7AI score0.00485EPSS
Exploits0References3
Rows per page
Query Builder