Lucene search
K

4 matches found

OSV
OSV
added 2026/06/25 6:43 p.m.4 views

GO-2026-5374 Kyverno Controller Denial of Service via forEach Mutation Panic in github.com/kyverno/kyverno

Kyverno Controller Denial of Service via forEach Mutation Panic in github.com/kyverno/kyverno...

7.7CVSS5.9AI score0.00369EPSS
Exploits1References4
OSV
OSV
added 2026/04/24 8:40 p.m.16 views

GHSA-FPJQ-C37H-CQCV Kyverno Controller Denial of Service via forEach Mutation Panic

Summary An unchecked type assertion in the forEach mutation handler allows any user with permission to create a Policy or ClusterPolicy to crash the cluster-wide background controller into a persistent CrashLoopBackOff. The same bug also causes the admission controller to drop connections and blo...

7.7CVSS5.9AI score0.00369EPSS
Exploits1References5
Snyk
Snyk
added 2026/04/24 5:19 a.m.4 views

Reachable Assertion

Overview Affected versions of this package are vulnerable to Reachable Assertion via the forEach mutation handler. An attacker can cause the cluster-wide background controller to crash into a persistent CrashLoopBackOff and disrupt all matching resource operations by creating a specially crafted...

8.3CVSS5.5AI score0.00369EPSS
Exploits1References2
EUVD
EUVD
added 2026/04/24 3:27 a.m.5 views

EUVD-2026-25392

Kyverno is a policy engine designed for cloud native platform engineering teams. Prior to versions 1.17.2 and 1.16.4, an unchecked type assertion in the forEach mutation handler allows any user with permission to create a Policy or ClusterPolicy to crash the cluster-wide background controller int...

7.7CVSS5.7AI score0.00369EPSS
Exploits1References3
Rows per page
Query Builder