52 matches found
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the context variable evaluation process. An attacker with policy creation privileges can exhaust system memory and disrupt service availability with policies that exponentially...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the context variable evaluation process. An attacker with policy creation privileges can exhaust system memory and disrupt service availability with policies that exponentially...
GHSA-R2RJ-WWM5-X6MQ Kyverno Denial of Service via Context Variable Amplification in Policy Engine
Summary Unbounded memory consumption in Kyverno's policy engine allows users with policy creation privileges to cause Denial of Serviceby crafting policies that exponentially amplify string data through context variables. Details For example, the random JMESPath function in...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the context variable evaluation process. An attacker with policy creation privileges can exhaust system memory and disrupt service availability with policies that exponentially...
EUVD-2022-5934
Malicious code in bioql PyPI...
EUVD-2025-22470
Malicious code in bioql PyPI...
BIT-KYVERNO-2025-47281 Kyverno's Improper JMESPath Variable Evaluation Leads to Denial of Service
Kyverno is a policy engine designed for cloud native platform engineering teams. In versions 1.14.1 and below, a Denial of Service DoS vulnerability exists due to improper handling of JMESPath variable substitutions. Attackers with permissions to create or update Kyverno policies can craft...
SUSE CVE-2025-47281
Kyverno is a policy engine designed for cloud native platform engineering teams. In versions 1.14.1 and below, a Denial of Service DoS vulnerability exists due to improper handling of JMESPath variable substitutions. Attackers with permissions to create or update Kyverno policies can craft...
GO-2025-3823 Kyverno's Improper JMESPath Variable Evaluation Lead to Denial of Service in github.com/kyverno/kyverno
Kyverno's Improper JMESPath Variable Evaluation Lead to Denial of Service in github.com/kyverno/kyverno...
Denial Of Service (DoS)
github.com/kyverno/kyverno is vulnerable to Denial of Service DoS. The vulnerability is due to improper handling of JMESPath variable substitutions, specifically the lack of validation for invalid JMESPath functions within policy expressions. It allows nil values to be injected into places where...
CVE-2025-47281
Kyverno is a policy engine designed for cloud native platform engineering teams. In versions 1.14.1 and below, a Denial of Service DoS vulnerability exists due to improper handling of JMESPath variable substitutions. Attackers with permissions to create or update Kyverno policies can craft...
CVE-2025-47281
Kyverno is a policy engine designed for cloud native platform engineering teams. In versions 1.14.1 and below, a Denial of Service DoS vulnerability exists due to improper handling of JMESPath variable substitutions. Attackers with permissions to create or update Kyverno policies can craft...
CVE-2025-47281 Kyverno's Improper JMESPath Variable Evaluation Leads to Denial of Service
Kyverno is a policy engine designed for cloud native platform engineering teams. In versions 1.14.1 and below, a Denial of Service DoS vulnerability exists due to improper handling of JMESPath variable substitutions. Attackers with permissions to create or update Kyverno policies can craft...
CVE-2025-47281 Kyverno's Improper JMESPath Variable Evaluation Leads to Denial of Service
Kyverno is a policy engine designed for cloud native platform engineering teams. In versions 1.14.1 and below, a Denial of Service DoS vulnerability exists due to improper handling of JMESPath variable substitutions. Attackers with permissions to create or update Kyverno policies can craft...
CVE-2025-47281 Kyverno's Improper JMESPath Variable Evaluation Leads to Denial of Service
Kyverno is a policy engine designed for cloud native platform engineering teams. In versions 1.14.1 and below, a Denial of Service DoS vulnerability exists due to improper handling of JMESPath variable substitutions. Attackers with permissions to create or update Kyverno policies can craft...
CVE-2025-47281
CVE-2025-47281 affects Kyverno up to version 1.14.1, where DoS can be triggered by crafted JMESPath expressions using {{@}} with an invalid function, causing a nil substitution and a panic in getValueAsStringMap that crashes Kyverno worker threads and reports controller pod. The issue is fixed in...
Kyverno 安全漏洞
Kyverno is a policy engine for Kubernetes open-sourced by Kyverno. A security vulnerability exists in Kyverno versions 1.14.1 and earlier and versions 2025.6.0-rc1 through 2025.6.3, which stems from improper handling of the JMESPath variable and could lead to a denial of service attack...
Uncaught Exception
Overview Affected versions of this package are vulnerable to Uncaught Exception via improper handling of JMESPath variable substitutions in the getValueAsStringMap function within pkg/engine/wildcards/wildcards.go. An attacker can cause the admission controller and reports controller to crash by...
GHSA-R5P3-955P-5GGQ Kyverno's Improper JMESPath Variable Evaluation Lead to Denial of Service
Summary A Denial of Service DoS vulnerability exists in Kyverno due to improper handling of JMESPath variable substitutions. Attackers with permissions to create or update Kyverno policies can craft expressions using the @ variable combined with a pipe and an invalid JMESPath function e.g., @ |...
Kyverno's Improper JMESPath Variable Evaluation Lead to Denial of Service
Summary A Denial of Service DoS vulnerability exists in Kyverno due to improper handling of JMESPath variable substitutions. Attackers with permissions to create or update Kyverno policies can craft expressions using the @ variable combined with a pipe and an invalid JMESPath function e.g., @ |...