Lucene search
+L

6 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 9:51 p.m.7 views

CVE-2022-47633

An image signature validation bypass vulnerability in Kyverno 1.8.3 and 1.8.4 allows a malicious image registry or a man-in-the-middle attacker to inject unsigned arbitrary container images into a protected Kubernetes cluster. This is fixed in 1.8.5. This has been fixed in 1.8.5 and mitigations a...

8.1CVSS6.8AI score0.00956EPSS
Exploits0
CNVD
CNVD
added 2024/12/13 12:0 a.m.6 views

Cisco NX-OS Software Access Control Error Vulnerability (CNVD-2025-01388)

Cisco NX-OS Software is a set of data center-grade operating system software for switches from the U.S. company Cisco Cisco. The Cisco NX-OS Software suffers from an Access Control Error vulnerability, which arises from an insecure bootloader setting, and can be exploited by an attacker to bypass...

5.2CVSS6.9AI score0.00304EPSS
Exploits0References1
OSV
OSV
added 2024/08/28 5:15 p.m.5 views

CVE-2024-20478

A vulnerability in the software upgrade component of Cisco Application Policy Infrastructure Controller APIC and Cisco Cloud Network Controller, formerly Cisco Cloud APIC, could allow an authenticated, remote attacker with Administrator-level privileges to install a modified software image, leadi...

7.2CVSS6.2AI score0.0074EPSS
Exploits0References1
Veracode
Veracode
added 2022/12/27 4:4 a.m.18 views

Authorization Bypass

github.com/kyverno/kyverno is vulnerable to authorization bypass.The vulnerability exists in multiple functions due to an image signature validation which allows an attacker to bypass the restrictions and retrieve data via the verifyImages rule...

8.1CVSS7.8AI score0.00956EPSS
Exploits0References9Affected Software1
Vulnrichment
Vulnrichment
added 2022/12/23 12:0 a.m.7 views

CVE-2022-47633

An image signature validation bypass vulnerability in Kyverno 1.8.3 and 1.8.4 allows a malicious image registry or a man-in-the-middle attacker to inject unsigned arbitrary container images into a protected Kubernetes cluster. This is fixed in 1.8.5. This has been fixed in 1.8.5 and mitigations a...

7.1AI score0.00956EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2022/12/21 12:0 a.m.8 views

PT-2022-28078 · Kyverno · Kyverno

Name of the Vulnerable Software and Affected Versions: Kyverno versions 1.8.3 through 1.8.4 Description: An image signature validation bypass issue allows a malicious image registry or a man-in-the-middle attacker to inject unsigned arbitrary container images into a protected Kubernetes cluster...

8.1CVSS7.9AI score0.00956EPSS
Exploits0References15
Rows per page
Query Builder