Lucene search
K

110 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-1825

Malicious code in bioql PyPI...

6.5CVSS6.4AI score0.00497EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-7996

Malicious code in bioql PyPI...

8CVSS5.4AI score0.00317EPSS
Exploits1References7
OSV
OSV
added 2025/09/12 11:43 a.m.2 views

BIT-KYVERNO-2025-47281 Kyverno's Improper JMESPath Variable Evaluation Leads to Denial of Service

Kyverno is a policy engine designed for cloud native platform engineering teams. In versions 1.14.1 and below, a Denial of Service DoS vulnerability exists due to improper handling of JMESPath variable substitutions. Attackers with permissions to create or update Kyverno policies can craft...

7.7CVSS6.8AI score0.00475EPSS
Exploits1References3
OSV
OSV
added 2025/09/12 11:42 a.m.4 views

BIT-KYVERNO-2023-47630 Attacker can cause Kyverno user to unintentionally consume insecure image

Kyverno is a policy engine designed for Kubernetes. An issue was found in Kyverno that allowed an attacker to control the digest of images used by Kyverno users. The issue would require the attacker to compromise the registry that the Kyverno users fetch their images from. The attacker could then...

7.1CVSS6.9AI score0.00261EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/07/25 9:25 p.m.5 views

CVE-2025-47281

Kyverno is a policy engine designed for cloud native platform engineering teams. In versions 1.14.1 and below, a Denial of Service DoS vulnerability exists due to improper handling of JMESPath variable substitutions. Attackers with permissions to create or update Kyverno policies can craft...

7.7CVSS7.1AI score0.00475EPSS
Exploits1References1
NVD
NVD
added 2025/07/23 9:15 p.m.15 views

CVE-2025-47281

Kyverno is a policy engine designed for cloud native platform engineering teams. In versions 1.14.1 and below, a Denial of Service DoS vulnerability exists due to improper handling of JMESPath variable substitutions. Attackers with permissions to create or update Kyverno policies can craft...

7.7CVSS0.00475EPSS
Exploits1References2
CVE
CVE
added 2025/07/23 8:35 p.m.92 views

CVE-2025-47281

CVE-2025-47281 affects Kyverno up to version 1.14.1, where DoS can be triggered by crafted JMESPath expressions using {{@}} with an invalid function, causing a nil substitution and a panic in getValueAsStringMap that crashes Kyverno worker threads and reports controller pod. The issue is fixed in...

7.7CVSS6.2AI score0.00475EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2025/07/23 8:35 p.m.10 views

CVE-2025-47281 Kyverno's Improper JMESPath Variable Evaluation Leads to Denial of Service

Kyverno is a policy engine designed for cloud native platform engineering teams. In versions 1.14.1 and below, a Denial of Service DoS vulnerability exists due to improper handling of JMESPath variable substitutions. Attackers with permissions to create or update Kyverno policies can craft...

7.7CVSS0.00475EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2025/07/22 12:0 a.m.2 views

PT-2025-30438 · Kyverno · Kyverno

Name of the Vulnerable Software and Affected Versions: Kyverno versions 1.14.1 and below Description: Kyverno is susceptible to a Denial of Service DoS vulnerability stemming from improper handling of JMESPath variable substitutions. Attackers possessing permissions to create or update Kyverno...

7.7CVSS6.2AI score0.00475EPSS
Exploits1References11
Packet Storm News
Packet Storm News
added 2025/05/30 12:0 a.m.5 views

Authentication and Authorization in Data Spaces: a Relationship-Based Access Control Approach for Policy Specification Based on ODRL

Data has become a crucial resource in the digital economy, fostering initiatives for secure and sovereign data sharing frameworks such as Data Spaces. However, these distributed environments require fine-grained access control mechanisms that balance openness with sovereignty and security. This...

7.2AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 4:55 a.m.12 views

CVE-2023-42814

Kyverno is a policy engine designed for Kubernetes. A security vulnerability was found in Kyverno where an attacker could cause denial of service of Kyverno. The vulnerable component in Kyvernos Notary verifier. An attacker would need control over the registry from which Kyverno would fetch...

5.3CVSS6.8AI score0.00671EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:21 a.m.9 views

CVE-2023-42815

Kyverno is a policy engine designed for Kubernetes. A security vulnerability was found in Kyverno where an attacker could cause denial of service of Kyverno. The vulnerability was in Kyvernos Notary verifier. An attacker would need control over the registry from which Kyverno would fetch...

5.3CVSS6.9AI score0.00671EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 3:51 a.m.4 views

CVE-2023-33191

Kyverno is a policy engine designed for Kubernetes. Kyverno seccomp control can be circumvented. Users of the podSecurity validate.podSecurity subrule in Kyverno 1.9.2 and 1.9.3 are vulnerable. This issue was patched in version 1.9.4...

8.8CVSS6.8AI score0.00485EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:8 a.m.8 views

CVE-2023-47630

Kyverno is a policy engine designed for Kubernetes. An issue was found in Kyverno that allowed an attacker to control the digest of images used by Kyverno users. The issue would require the attacker to compromise the registry that the Kyverno users fetch their images from. The attacker could then...

7.1CVSS7AI score0.00261EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/02 3:15 p.m.13 views

CVE-2025-46342

Kyverno is a policy engine designed for cloud native platform engineering teams. Prior to versions 1.13.5 and 1.14.0, it may happen that policy rules using namespace selectors in their match statements are mistakenly not applied during admission review request processing due to a missing error...

8.5CVSS6.7AI score0.00618EPSS
Exploits1References1
Debian CVE
Debian CVE
added 2025/05/01 7:32 p.m.1 views

CVE-2025-46569

Open Policy Agent OPA is an open source, general-purpose policy engine. Prior to version 1.4.0, when run as a server, OPA exposes an HTTP Data API for reading and writing documents. Requesting a virtual document through the Data API entails policy evaluation, where a Rego query containing a singl...

7.4CVSS6.6AI score0.0036EPSS
Exploits0
NVD
NVD
added 2025/04/30 3:16 p.m.55 views

CVE-2025-46342

Kyverno is a policy engine designed for cloud native platform engineering teams. Prior to versions 1.13.5 and 1.14.0, it may happen that policy rules using namespace selectors in their match statements are mistakenly not applied during admission review request processing due to a missing error...

8.5CVSS0.00618EPSS
Exploits1References2
OSV
OSV
added 2025/04/30 2:55 p.m.9 views

CVE-2025-46342 Kyverno vulnerable to bypass of policy rules that use namespace selectors in match statements

Kyverno is a policy engine designed for cloud native platform engineering teams. Prior to versions 1.13.5 and 1.14.0, it may happen that policy rules using namespace selectors in their match statements are mistakenly not applied during admission review request processing due to a missing error...

8.5CVSS6.4AI score0.00618EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/04/30 2:55 p.m.51 views

CVE-2025-46342 Kyverno vulnerable to bypass of policy rules that use namespace selectors in match statements

Kyverno is a policy engine designed for cloud native platform engineering teams. Prior to versions 1.13.5 and 1.14.0, it may happen that policy rules using namespace selectors in their match statements are mistakenly not applied during admission review request processing due to a missing error...

8.5CVSS0.00618EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/04/30 2:55 p.m.14 views

CVE-2025-46342 Kyverno vulnerable to bypass of policy rules that use namespace selectors in match statements

Kyverno is a policy engine designed for cloud native platform engineering teams. Prior to versions 1.13.5 and 1.14.0, it may happen that policy rules using namespace selectors in their match statements are mistakenly not applied during admission review request processing due to a missing error...

8.5CVSS7AI score0.00618EPSS
Exploits1References2
Rows per page
Query Builder