Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization via the deprecated host-callback APIs kubernetes/ingresses, kubernetes/namespaces, and kubernetes/services. An attacker can gain unauthorized read access to Ingresses, Namespaces, and Services resources across al...

PT-2026-24144

Name of the Vulnerable Software and Affected Versions Kubewarden versions prior to 1.33.0 Description Kubewarden is a policy engine for Kubernetes. An attacker with privileged "AdmissionPolicy" create permissions could leverage three deprecated host-callback APIs: kubernetes/ingresses,...

GHSA-FC89-JGHX-8PVG KubeWarden's AdmissionPolicy and AdmissionPolicyGroup policies can be used to alter PolicyReport resources

Impact By design, AdmissionPolicy and AdmissionPolicyGroup can evaluate only namespaced resources. The resources to be evaluated are determined by the rules provided by the user when defining the policy. There might be Kubernetes namespaced resources that should not be validated by AdmissionPolic...

Vulnerabilities of Microsoft Edge and Internet Explorer browsers, which allow attackers to escalate their privileges

The vulnerabilities of Microsoft Edge and Internet Explorer are related to errors in access control for namespace resources. Exploiting these vulnerabilities can allow a malicious actor to enhance their privileges remotely...