📦 Kyverno

This CVE describes a Denial of Service vulnerability in Kyverno policy engine versions 1.14.1 and below. Attackers with permissions to create or update Kyverno policies can craft malicious JMESPath ex...

This vulnerability in Kyverno allows attackers with Kubernetes API access to bypass security-critical policy rules that use namespace selectors. The missing error propagation causes these policies to ...

This vulnerability in Kyverno allows attackers who compromise image registries to control which image diggets Kyverno users receive, potentially delivering vulnerable or malicious images. Only users p...

Kyverno versions before 1.14.0-alpha.1 ignore subjectRegExp and issuerRegExp validations when verifying artifacts in keyless mode, allowing attackers to deploy Kubernetes resources signed by unexpecte...