3 matches found
CVE-2025-29778 vulnerabilities
Vulnerabilities for packages: kyverno-notation-aws, kyverno, kyverno-notation-aws-fips, kyverno-fips, commercial-kyverno...
CVE-2025-29778
Kyverno is a policy engine designed for cloud native platform engineering teams. Prior to version 1.14.0-alpha.1, Kyverno ignores subjectRegExp and IssuerRegExp while verifying artifact's sign with keyless mode. It allows the attacker to deploy kubernetes resources with the artifacts that were...
CVE-2025-29778 Kyverno ignores subjectRegExp and IssuerRegExp
Kyverno is a policy engine designed for cloud native platform engineering teams. Prior to version 1.14.0-alpha.1, Kyverno ignores subjectRegExp and IssuerRegExp while verifying artifact's sign with keyless mode. It allows the attacker to deploy kubernetes resources with the artifacts that were...