10 matches found
EUVD-2023-1825
Malicious code in bioql PyPI...
GO-2023-1819 Kyverno resource with a deletionTimestamp may allow policy circumvention in github.com/kyverno/kyverno
Kyverno resource with a deletionTimestamp may allow policy circumvention in github.com/kyverno/kyverno...
GHSA-HQ4M-4948-64CC Kyverno resource with a deletionTimestamp may allow policy circumvention
Impact: In versions of Kyverno prior to 1.10.0, resources which have the deletionTimestamp field defined can bypass validate, generate, or mutate-existing policies, even in cases where the validationFailureAction field is set to Enforce. This situation occurs as resources pending deletion were bei...
Kyverno resource with a deletionTimestamp may allow policy circumvention
Impact: In versions of Kyverno prior to 1.10.0, resources which have the deletionTimestamp field defined can bypass validate, generate, or mutate-existing policies, even in cases where the validationFailureAction field is set to Enforce. This situation occurs as resources pending deletion were bei...
Design/Logic Flaw
Kyverno is a policy engine designed for Kubernetes. In versions of Kyverno prior to 1.10.0, resources which have the deletionTimestamp field defined can bypass validate, generate, or mutate-existing policies, even in cases where the validationFailureAction field is set to Enforce. This situation...
CVE-2023-34091
Kyverno prior to 1.10.0 could allow policy circumvention when a resource with deletionTimestamp is pending deletion, because Kyverno exempted such resources to reduce load. This could enable a malicious user to leverage Kubernetes finalizers to trigger deletionTimestamp without enforcing policies...
CVE-2023-34091 Kyverno resource with a deletionTimestamp may allow policy circumvention
Kyverno is a policy engine designed for Kubernetes. In versions of Kyverno prior to 1.10.0, resources which have the deletionTimestamp field defined can bypass validate, generate, or mutate-existing policies, even in cases where the validationFailureAction field is set to Enforce. This situation...
CVE-2023-34091 Kyverno resource with a deletionTimestamp may allow policy circumvention
Kyverno is a policy engine designed for Kubernetes. In versions of Kyverno prior to 1.10.0, resources which have the deletionTimestamp field defined can bypass validate, generate, or mutate-existing policies, even in cases where the validationFailureAction field is set to Enforce. This situation...
CVE-2023-34091 Kyverno resource with a deletionTimestamp may allow policy circumvention
Kyverno is a policy engine designed for Kubernetes. In versions of Kyverno prior to 1.10.0, resources which have the deletionTimestamp field defined can bypass validate, generate, or mutate-existing policies, even in cases where the validationFailureAction field is set to Enforce. This situation...
PT-2023-24664 · Unknown +1 · Kubernetes +3
Name of the Vulnerable Software and Affected Versions: Kyverno versions prior to 1.10.0
Description: The issue allows resources with the deletionTimestamp field defined to bypass validate, generate, or mutate-existing policies, even when the validationFailureAction field is set to Enforce. This...