6 matches found
CVE-2022-47633
An image signature validation bypass vulnerability in Kyverno 1.8.3 and 1.8.4 allows a malicious image registry or a man-in-the-middle attacker to inject unsigned arbitrary container images into a protected Kubernetes cluster. This is fixed in 1.8.5. This has been fixed in 1.8.5 and mitigations a...
Cisco NX-OS Software Access Control Error Vulnerability (CNVD-2025-01388)
Cisco NX-OS Software is a set of data center-grade operating system software for switches from the U.S. company Cisco Cisco. The Cisco NX-OS Software suffers from an Access Control Error vulnerability, which arises from an insecure bootloader setting, and can be exploited by an attacker to bypass...
CVE-2024-20478
A vulnerability in the software upgrade component of Cisco Application Policy Infrastructure Controller APIC and Cisco Cloud Network Controller, formerly Cisco Cloud APIC, could allow an authenticated, remote attacker with Administrator-level privileges to install a modified software image, leadi...
Authorization Bypass
github.com/kyverno/kyverno is vulnerable to authorization bypass.The vulnerability exists in multiple functions due to an image signature validation which allows an attacker to bypass the restrictions and retrieve data via the verifyImages rule...
CVE-2022-47633
An image signature validation bypass vulnerability in Kyverno 1.8.3 and 1.8.4 allows a malicious image registry or a man-in-the-middle attacker to inject unsigned arbitrary container images into a protected Kubernetes cluster. This is fixed in 1.8.5. This has been fixed in 1.8.5 and mitigations a...
PT-2022-28078 · Kyverno · Kyverno
Name of the Vulnerable Software and Affected Versions: Kyverno versions 1.8.3 through 1.8.4 Description: An image signature validation bypass issue allows a malicious image registry or a man-in-the-middle attacker to inject unsigned arbitrary container images into a protected Kubernetes cluster...