1.9.3

CVSS 8.8 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

nirmata

NVD

Published: 2023-05-30

Updated: 2024-11-21

Summary

Kyverno is a policy engine designed for Kubernetes. Kyverno seccomp control can be circumvented. Users of the podSecurity `validate.podSecurity` subrule in Kyverno 1.9.2 and 1.9.3 are vulnerable. This issue was patched in version 1.9.4.

Vulnerable Configurations

Part	Description	Count
Application	Nirmata Nirmata Kyverno 1.9.2 Nirmata Kyverno 1.9.3	5

References

https://github.com/kyverno/kyverno/pull/7263
https://github.com/kyverno/kyverno/releases/tag/v1.9.4
https://github.com/kyverno/kyverno/security/advisories/GHSA-33hq-f2mf-jm3c
https://github.com/kyverno/kyverno/pull/7263
https://github.com/kyverno/kyverno/security/advisories/GHSA-33hq-f2mf-jm3c
https://github.com/kyverno/kyverno/releases/tag/v1.9.4