24 matches found
Missing Authorization
Overview Affected versions of this package are vulnerable to Missing Authorization via the cani callback, which issues SubjectAccessReview requests without enforcing context-aware allow-lists. An attacker can obtain information about RBAC permissions of any user or service account across the...
GO-2026-4652 Kubewarden: Cross-namespace data exfiltration via deprecated host callback binding in github.com/kubewarden/kubewarden-controller
Kubewarden: Cross-namespace data exfiltration via deprecated host callback binding in github.com/kubewarden/kubewarden-controller...
CVE-2026-29773 kubewarden-controller cross-namespace data exfiltration via deprecated host callback binding
Kubewarden is a policy engine for Kubernetes. Kubewarden cluster operators can grant permissions to users to deploy namespaced AdmissionPolicies and AdmissionPolicyGroups in their Namespaces. One of Kubewarden's promises is that configured users can deploy namespaced policies in a safe manner,...
EUVD-2023-26779
Malicious code in bioql PyPI...
CVE-2025-24784
kubewarden-controller is a Kubernetes controller that allows you to dynamically register Kubewarden admission policies. The policy group feature was added by the 1.17.0 release. By being namespaced, the AdmissionPolicyGroup has a well-constrained impact on cluster resources. Hence, it’s considere...
SUSE CVE-2025-24784
kubewarden-controller is a Kubernetes controller that allows you to dynamically register Kubewarden admission policies. The policy group feature was added by the 1.17.0 release. By being namespaced, the AdmissionPolicyGroup has a well-constrained impact on cluster resources. Hence, it's considere...
GO-2025-3435 Kubewarden-Controller information leak via AdmissionPolicyGroup Resource in github.com/kubewarden/kubewarden-controller
Kubewarden-Controller information leak via AdmissionPolicyGroup Resource in github.com/kubewarden/kubewarden-controller...
GO-2025-3434 KubeWarden's AdmissionPolicy and AdmissionPolicyGroup policies can be used to alter PolicyReport resources in github.com/kubewarden/kubewarden-controller
KubeWarden's AdmissionPolicy and AdmissionPolicyGroup policies can be used to alter PolicyReport resources in github.com/kubewarden/kubewarden-controller...
Improper Access Control
github.com/kubewarden/kubewarden-controller is vulnerable to Improper Access Control. The vulnerability is due to insufficient restrictions on AdmissionPolicy and AdmissionPolicyGroup, allowing attackers to manipulate or block PolicyReport objects, leading to compliance data tampering or evasion...
CVE-2025-24376
CVE-2025-24376 concerns the kubewarden-controller for Kubernetes. It states that AdmissionPolicy and AdmissionPolicyGroup can be used to affect namespaced resources, enabling an attacker to prevent creation/update of PolicyReport objects and potentially mutate PolicyReport contents within a names...
CVE-2025-24376 The kubewarden-controller AdmissionPolicy and AdmissionPolicyGroup policies can be used to alter PolicyReport resources
kubewarden-controller is a Kubernetes controller that allows you to dynamically register Kubewarden admission policies. By design, AdmissionPolicy and AdmissionPolicyGroup can evaluate only namespaced resources. The resources to be evaluated are determined by the rules provided by the user when...
CVE-2025-24784 kubewarden-controller has an Information leak via AdmissionPolicyGroup Resource
kubewarden-controller is a Kubernetes controller that allows you to dynamically register Kubewarden admission policies. The policy group feature was added by the 1.17.0 release. By being namespaced, the AdmissionPolicyGroup has a well-constrained impact on cluster resources. Hence, it’s considere...
kubewarden-controller authorization issue vulnerability
kubewarden-controller is a kubewarden open source access policy for easy management of Kubernetes clusters. An authorization issue vulnerability exists in kubewarden-controller versions prior to 1.17.0 through 1.21.0, which stems from the addition of a policy group feature that allows for the...
kubewarden-controller security vulnerability
kubewarden-controller is a kubewarden open source access policy for easy management of Kubernetes clusters. A security vulnerability exists in kubewarden-controller versions prior to 1.7.0 through 1.21.0, which stems from the fact that AdmissionPolicy and AdmissionPolicyGroup can evaluate namespa...
PT-2025-5353 · Unknown +1 · Kubewarden-Controller +1
Name of the Vulnerable Software and Affected Versions: kubewarden-controller versions prior to 1.21.0 Description: The issue concerns the validation of namespaced resources by AdmissionPolicy and AdmissionPolicyGroup policies in kubewarden-controller. An attacker can exploit this to prevent the...
PT-2025-5568 · Unknown +1 · Kubewarden-Controller +1
Name of the Vulnerable Software and Affected Versions: kubewarden-controller versions 1.17.0 through 1.20.x Description: The issue allows an attacker to obtain information about resources that are out of their reach by leveraging a higher access to the cluster granted to the ServiceAccount token...
CVE-2023-22645
An Improper Privilege Management vulnerability in SUSE kubewarden allows attackers to read arbitrary secrets if they get access to the ServiceAccount kubewarden-controller. This issue affects: SUSE kubewarden kubewarden-controller versions prior to 1.6.0...