3 matches found
CVE-2025-29778 vulnerabilities
Vulnerabilities for packages: commercial-kyverno, kyverno-notation-aws, kyverno, kyverno-notation-aws-fips, kyverno-fips...
CVE-2025-29778
Kyverno is a policy engine designed for cloud native platform engineering teams. Prior to version 1.14.0-alpha.1, Kyverno ignores subjectRegExp and IssuerRegExp while verifying artifact's sign with keyless mode. It allows the attacker to deploy kubernetes resources with the artifacts that were...
CVE-2025-29778 Kyverno ignores subjectRegExp and IssuerRegExp
Kyverno is a policy engine designed for cloud native platform engineering teams. Prior to version 1.14.0-alpha.1, Kyverno ignores subjectRegExp and IssuerRegExp while verifying artifact's sign with keyless mode. It allows the attacker to deploy kubernetes resources with the artifacts that were...