SUSE CVE-2025-24784
kubewarden-controller is a Kubernetes controller that allows you to dynamically register Kubewarden admission policies. The policy group feature was added in the 1.17.0 release. By being namespaced, the AdmissionPolicyGroup has a well constrained impact on cluster resources. Hence, it's considere...
Missing Authorization
Overview Affected versions of this package are vulnerable to Missing Authorization via the cani callback, which issues SubjectAccessReview requests without enforcing context-aware allow-lists. An attacker can obtain information about RBAC permissions of any user or service account across the...
Missing Authorization
Overview Affected versions of this package are vulnerable to Missing Authorization via the cani callback, which issues SubjectAccessReview requests without enforcing context-aware allow-lists. An attacker can obtain information about RBAC permissions of any user or service account across the...
GO-2026-4652 Kubewarden: Cross-namespace data exfiltration via deprecated host callback binding in github.com/kubewarden/kubewarden-controller
Kubewarden: Cross-namespace data exfiltration via deprecated host callback binding in github.com/kubewarden/kubewarden-controller...
CVE-2026-29773 kubewarden-controller cross-namespace data exfiltration via deprecated host callback binding
Kubewarden is a policy engine for Kubernetes. Kubewarden cluster operators can grant permissions to users to deploy namespaced AdmissionPolicies and AdmissionPolicyGroups in their Namespaces. One of Kubewarden's promises is that configured users can deploy namespaced policies in a safe manner,...
EUVD-2023-26779
Malicious code in bioql PyPI...
The vulnerability of the AdmissionPolicy and AdmissionPolicyGroup settings of the Kubernetes cluster’s kubewarden-controller controller allows a malicious actor to gain unauthorized access to modify data or expose protected information.
The vulnerability of the AdmissionPolicy and AdmissionPolicyGroup settings in the Kubernetes cluster kubewarden-controller is related to improper authorization. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to modify data or expose sensitive...
The vulnerability of the CRD AdmissionPolicyGroup component in the Kubernetes cluster “kubewarden-controller” allows an attacker to gain unauthorized access to modify data or disclose sensitive information.
The vulnerability of the CRD AdmissionPolicyGroup component in the Kubernetes cluster “kubewarden-controller” is related to improper authorization. Exploiting this vulnerability may allow an attacker, operating remotely, to gain unauthorized access to modify data or expose sensitive information...
CVE-2025-24784
kubewarden-controller is a Kubernetes controller that allows you to dynamically register Kubewarden admission policies. The policy group feature was added in the 1.17.0 release. By being namespaced, the AdmissionPolicyGroup has a well constrained impact on cluster resources. Hence, it’s considere...
GO-2025-3435 Kubewarden-Controller information leak via AdmissionPolicyGroup Resource in github.com/kubewarden/kubewarden-controller
Kubewarden-Controller information leak via AdmissionPolicyGroup Resource in github.com/kubewarden/kubewarden-controller...
GO-2025-3434 KubeWarden's AdmissionPolicy and AdmissionPolicyGroup policies can be used to alter PolicyReport resources in github.com/kubewarden/kubewarden-controller
KubeWarden's AdmissionPolicy and AdmissionPolicyGroup policies can be used to alter PolicyReport resources in github.com/kubewarden/kubewarden-controller...
Improper Access Control
github.com/kubewarden/kubewarden-controller is vulnerable to Improper Access Control. The vulnerability is due to insufficient restrictions on AdmissionPolicy and AdmissionPolicyGroup, allowing attackers to manipulate or block PolicyReport objects, leading to compliance data tampering or evasion...
CVE-2025-24376
CVE-2025-24376 concerns the kubewarden-controller for Kubernetes. It states that AdmissionPolicy and AdmissionPolicyGroup can be used to affect namespaced resources, enabling an attacker to prevent creation/update of PolicyReport objects and potentially mutate PolicyReport contents within a names...
CVE-2025-24376 The kubewarden-controller AdmissionPolicy and AdmissionPolicyGroup policies can be used to alter PolicyReport resources
kubewarden-controller is a Kubernetes controller that allows you to dynamically register Kubewarden admission policies. By design, AdmissionPolicy and AdmissionPolicyGroup can evaluate only namespaced resources. The resources to be evaluated are determined by the rules provided by the user when...
CVE-2025-24376 The kubewarden-controller AdmissionPolicy and AdmissionPolicyGroup policies can be used to alter PolicyReport resources
kubewarden-controller is a Kubernetes controller that allows you to dynamically register Kubewarden admission policies. By design, AdmissionPolicy and AdmissionPolicyGroup can evaluate only namespaced resources. The resources to be evaluated are determined by the rules provided by the user when...
CVE-2025-24784 kubewarden-controller has an Information leak via AdmissionPolicyGroup Resource
kubewarden-controller is a Kubernetes controller that allows you to dynamically register Kubewarden admission policies. The policy group feature was added in the 1.17.0 release. By being namespaced, the AdmissionPolicyGroup has a well constrained impact on cluster resources. Hence, it’s considere...
CVE-2025-24784 kubewarden-controller has an Information leak via AdmissionPolicyGroup Resource
kubewarden-controller is a Kubernetes controller that allows you to dynamically register Kubewarden admission policies. The policy group feature was added in the 1.17.0 release. By being namespaced, the AdmissionPolicyGroup has a well constrained impact on cluster resources. Hence, it’s considere...
kubewarden-controller authorization issue vulnerability
kubewarden-controller is a kubewarden open source access policy for easy management of Kubernetes clusters. An authorization issue vulnerability exists in kubewarden-controller versions prior to 1.17.0 through 1.21.0, which stems from the addition of a policy group feature that allows for the...
kubewarden-controller security vulnerability
kubewarden-controller is a kubewarden open source access policy for easy management of Kubernetes clusters. A security vulnerability exists in kubewarden-controller versions prior to 1.7.0 through 1.21.0, which stems from the fact that AdmissionPolicy and AdmissionPolicyGroup can evaluate namespa...
PT-2025-5353 · Unknown +1 · Kubewarden-Controller +1
Name of the Vulnerable Software and Affected Versions: kubewarden-controller versions prior to 1.21.0 Description: The issue concerns the validation of namespaced resources by AdmissionPolicy and AdmissionPolicyGroup policies in kubewarden-controller. An attacker can exploit this to prevent the...