Improper Access Control
github.com/kyverno/kyverno is vulnerable to Improper Access Control. The vulnerability is due to incorrect handling of multiple policy exceptions in enforce mode, which allows an attacker to bypass enforced policies by leveraging a less restrictive exception even when a more restrictive exception...
GO-2026-4285 Bypassing Kyverno Policies via Double Policy Exceptions in github.com/kyverno/kyverno
Bypassing Kyverno Policies via Double Policy Exceptions in github.com/kyverno/kyverno...
Bypassing Kyverno Policies via Double Policy Exceptions
Summary: If a cluster has a Kyverno policy in enforce mode and there are two exceptions, this allows the policy to be bypassed, even if the first exception is more restrictive than the second. Details: The following policy was applied: yaml apiVersion: kyverno.io/v1 kind: ClusterPolicy metadata:...
EUVD-2026-1035
Bypassing Kyverno Policies via Double Policy Exceptions...
GHSA-GG4X-FGG2-H9W9 Bypassing Kyverno Policies via Double Policy Exceptions
Summary: If a cluster has a Kyverno policy in enforce mode and there are two exceptions, this allows the policy to be bypassed, even if the first exception is more restrictive than the second. Details: The following policy was applied: yaml apiVersion: kyverno.io/v1 kind: ClusterPolicy metadata:...