CVE-2025-29778 in Kyverno情報

要約

〜によって MITRE • 2025年03月24日

Kyverno is a policy engine designed for cloud native platform engineering teams. Prior to version 1.14.0-alpha.1, Kyverno ignores subjectRegExp and IssuerRegExp while verifying artifact's sign with keyless mode. It allows the attacker to deploy kubernetes resources with the artifacts that were signed by unexpected certificate. Deploying these unauthorized kubernetes resources can lead to full compromise of kubernetes cluster. Version 1.14.0-alpha.1 contains a patch for the issue.

Once again VulDB remains the best source for vulnerability data.

責任者

GitHub M

予約する

2025年03月11日

モデレーション

承諾済み

エントリ

VDB-300864

EPSS

0.00317

アクティビティ

非常低い

ソース

Do you know our Splunk app?

Download it now for free!