558 matches found
Unintended Proxy or Intermediary ('Confused Deputy')
Overview Affected versions of this package are vulnerable to Unintended Proxy or Intermediary 'Confused Deputy' via the apiCall servicecall helper. An attacker can obtain sensitive service account tokens by crafting a policy that triggers an outbound request without an explicit Authorization...
Unintended Proxy or Intermediary ('Confused Deputy')
Overview Affected versions of this package are vulnerable to Unintended Proxy or Intermediary 'Confused Deputy' via the apiCall servicecall helper. An attacker can obtain sensitive service account tokens by crafting a policy that triggers an outbound request without an explicit Authorization...
Unintended Proxy or Intermediary ('Confused Deputy')
Overview Affected versions of this package are vulnerable to Unintended Proxy or Intermediary 'Confused Deputy' via the apiCall servicecall helper. An attacker can obtain sensitive service account tokens by crafting a policy that triggers an outbound request without an explicit Authorization...
Unintended Proxy or Intermediary ('Confused Deputy')
Overview Affected versions of this package are vulnerable to Unintended Proxy or Intermediary 'Confused Deputy' via the apiCall servicecall helper. An attacker can obtain sensitive service account tokens by crafting a policy that triggers an outbound request without an explicit Authorization...
GHSA-Q93Q-V844-JRQP kyverno apicall servicecall implicit bearer token injection leaks kyverno serviceaccount token
kyverno’s apiCall servicecall helper implicitly injects Authorization: Bearer ... using the kyverno controller serviceaccount token when a policy does not explicitly set an Authorization header. because context.apiCall.service.url is policy-controlled, this can send the kyverno serviceaccount tok...
GHSA-FMQP-4WFC-W3V7 Kyverno APICall SSRF Vulnerability Leading to Multi-Tenant Isolation Breach
Summary Kyverno's APICall feature contains a Server-Side Request Forgery SSRF vulnerability that allows users with Policy creation permissions to access arbitrary internal resources through Kyverno's high-privilege ServiceAccount. In multi-tenant Kubernetes environments, this constitutes a classi...
Kyverno APICall SSRF Vulnerability Leading to Multi-Tenant Isolation Breach
Summary Kyverno's APICall feature contains a Server-Side Request Forgery SSRF vulnerability that allows users with Policy creation permissions to access arbitrary internal resources through Kyverno's high-privilege ServiceAccount. In multi-tenant Kubernetes environments, this constitutes a classi...
Server-side Request Forgery (SSRF)
Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the ClusterPolicy when apiCall.service.url is used with variable substitution e.g. request.object.. An attacker can retrieve sensitive information from internal services or cloud metadata endpoints b...
GHSA-QR4G-8HRP-C4RW Kyverno has unrestricted outbound requests in Kyverno apiCall enabling SSRF
Summary A Server-Side Request Forgery SSRF vulnerability in Kyverno allows authenticated users to induce the admission controller to send arbitrary HTTP requests to attacker-controlled endpoints. When a ClusterPolicy uses apiCall.service.url with variable substitution e.g. request.object.,...
Kyverno has unrestricted outbound requests in Kyverno apiCall enabling SSRF
Summary A Server-Side Request Forgery SSRF vulnerability in Kyverno allows authenticated users to induce the admission controller to send arbitrary HTTP requests to attacker-controlled endpoints. When a ClusterPolicy uses apiCall.service.url with variable substitution e.g. request.object.,...
PT-2026-33227
Name of the Vulnerable Software and Affected Versions Kyverno versions prior to 1.16.4 Description The apiCall servicecall helper implicitly injects an 'Authorization: Bearer ...' header using the kyverno controller serviceaccount token when a policy does not explicitly set an Authorization heade...
CVE-2026-32282 vulnerabilities
Vulnerabilities for packages: karpenter, keda, telegraf, cilium-envoy, cloud-provider-aws, dask-gateway, nerdctl, ingress-nginx-controller, newrelic-fluent-bit-output, datadog-agent, argo-cd, external-secrets-operator, knative-operator, grafana, kyverno, kube-arangodb, kine, falco-no-driver,...
GHSA-XJ38-JXC5-RPPX vulnerabilities
Vulnerabilities for packages: karpenter, keda, telegraf, cilium-envoy, cloud-provider-aws, dask-gateway, nerdctl, ingress-nginx-controller, newrelic-fluent-bit-output, datadog-agent, argo-cd, external-secrets-operator, knative-operator, grafana, kyverno, kube-arangodb, kine, falco-no-driver,...
CVE-2026-33810 vulnerabilities
Vulnerabilities for packages: flux-source-controller-fips, dataplaneapi-fips, fluxcd-kustomize-mutating-webhook-fips, nova-fips, clickhouse-operator, grafana-rollout-operator, gh, localstack, flux-helm-controller-fips, victoriametrics-cluster-fips, atlas, malcontent, apko,...
GHSA-FV83-X2XW-2J55 vulnerabilities
Vulnerabilities for packages: flux-source-controller-fips, dataplaneapi-fips, fluxcd-kustomize-mutating-webhook-fips, nova-fips, clickhouse-operator, grafana-rollout-operator, gh, localstack, flux-helm-controller-fips, victoriametrics-cluster-fips, atlas, malcontent, apko,...
CVE-2026-32283 vulnerabilities
Vulnerabilities for packages: agentbeat, nri-discovery-kubernetes, zot, aws-sigv4-proxy-fips, cilium-certgen, extism, nri-discovery-kubernetes-fips, rancher-support-bundle-kit, minio-object-browser-fips, jupyterhub-k8s-image-awaiter-fips, nova-fips, podman, terraform-provider-sendgrid,...
GHSA-QQRV-2HCH-83Q4 vulnerabilities
Vulnerabilities for packages: kyverno...
CVE-2026-4789 vulnerabilities
Vulnerabilities for packages: kyverno...
CVE-2026-4789 vulnerabilities
Vulnerabilities for packages: kyverno-notation-aws-fips, kyverno, kyverno-fips...
GHSA-QJVC-P88J-J9RM vulnerabilities
Vulnerabilities for packages: kyverno-fips...