Kyverno@* Security Vulnerabilities and Issues — Kyverno@* CVE List

Lucene search

NirmataKyverno*

3 matches found

CVE•added 2023/06/01 5:15 p.m.•163 views

CVE-2023-34091

Kyverno is a policy engine designed for Kubernetes. In versions of Kyverno prior to 1.10.0, resources which have the deletionTimestamp field defined can bypass validate, generate, or mutate-existing policies, even in cases where the validationFailureAction field is set to Enforce. This situation oc...

6.5CVSS6.4AI score0.00035EPSS

CVE•added 2023/05/30 7:15 a.m.•49 views

CVE-2023-33191

Kyverno is a policy engine designed for Kubernetes. Kyverno seccomp control can be circumvented. Users of the podSecurity validate.podSecurity subrule in Kyverno 1.9.2 and 1.9.3 are vulnerable. This issue was patched in version 1.9.4.

8.8CVSS6.4AI score0.00125EPSS

CVE•added 2024/10/29 3:15 p.m.•49 views

CVE-2024-48921

Kyverno is a policy engine designed for Kubernetes. A kyverno ClusterPolicy, ie. "disallow-privileged-containers," can be overridden by the creation of a PolicyException in a random namespace. By design, PolicyExceptions are consumed from any namespace. Administrators may not recognize that this al...

8.7CVSS3.3AI score0.00034EPSS