10 matches found
Kyverno resource with a deletionTimestamp may allow policy circumvention
Impact In versions of Kyverno prior to 1.10.0, resources which have the deletionTimestamp field defined can bypass validate, generate, or mutate-existing policies, even in cases where the validationFailureAction field is set to Enforce. This situation occurs as resources pending deletion were bei...
GHSA-HQ4M-4948-64CC Kyverno resource with a deletionTimestamp may allow policy circumvention
Impact In versions of Kyverno prior to 1.10.0, resources which have the deletionTimestamp field defined can bypass validate, generate, or mutate-existing policies, even in cases where the validationFailureAction field is set to Enforce. This situation occurs as resources pending deletion were bei...
CVE-2023-34091 Kyverno resource with a deletionTimestamp may allow policy circumvention
Kyverno is a policy engine designed for Kubernetes. In versions of Kyverno prior to 1.10.0, resources which have the deletionTimestamp field defined can bypass validate, generate, or mutate-existing policies, even in cases where the validationFailureAction field is set to Enforce. This situation...
CVE-2023-34091 Kyverno resource with a deletionTimestamp may allow policy circumvention
Kyverno is a policy engine designed for Kubernetes. In versions of Kyverno prior to 1.10.0, resources which have the deletionTimestamp field defined can bypass validate, generate, or mutate-existing policies, even in cases where the validationFailureAction field is set to Enforce. This situation...
Default configuration
Applications that use a non-default option when verifying certificates may be vulnerable to an attack from a malicious CA to circumvent certain checks. Invalid certificate policies in leaf certificates are silently ignored by OpenSSL and other certificate policy checks are skipped for that...
Opera 7.20 Mail Client Policy Circumvention Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8254/info The Opera M2 Mail Client is vulnerable to a policy circumvention issue that could allow information to be disclosed to a remote attacker. It is possible for an attacker to bypass the option to suppress the viewi...
Moderate: dbus security update
1.0.0-6.3.el51 - CVE-2008-0595: D-Bus security policy circumvention - Resolves: 432437 1.0.0-6.el51 - CVE-2006-6107: D-Bus denial of service - Resolves: 219601...
Opera 7.20 - Mail Client Policy Circumvention
Opera 7.20 - Mail Client Policy Circumvention source: https://www.securityfocus.com/bid/8254/info The Opera M2 Mail Client is vulnerable to a policy circumvention issue that could allow information to be disclosed to a remote attacker. It is possible for an attacker to bypass the option to suppre...
Opera 7.20 - Mail Client Policy Circumvention
source: https://www.securityfocus.com/bid/8254/info The Opera M2 Mail Client is vulnerable to a policy circumvention issue that could allow information to be disclosed to a remote attacker. It is possible for an attacker to bypass the option to suppress the viewing of external embeds. This could...
Predictable TCP Initial Sequence Numbers
Title: NetScreen Security Alert 51897 Date: 25 November 2002 Description: Predictable TCP Initial Sequence Numbers Impact: Circumvention of Defined Security Policies Affected Products: All firewall/VPN appliances and systems Affected Software Releases: ScreenOS 1.7, 2.6, 2.8, 3.0, 3.1, 4.0 Summar...