CVE-2023-33191

Source

https://nvd.nist.gov/vuln/detail/CVE-2023-33191

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-33191.json

Aliases

GHSA-33hq-f2mf-jm3c

Published

2023-05-30T07:15:09Z

Modified

2023-11-29T10:05:43.734978Z

Details

Kyverno is a policy engine designed for Kubernetes. Kyverno seccomp control can be circumvented. Users of the podSecurity validate.podSecurity subrule in Kyverno 1.9.2 and 1.9.3 are vulnerable. This issue was patched in version 1.9.4.

References

https://github.com/kyverno/kyverno/security/advisories/GHSA-33hq-f2mf-jm3c
https://github.com/kyverno/kyverno/pull/7263
https://github.com/kyverno/kyverno/releases/tag/v1.9.4

Affected packages

Git / github.com/kyverno/kyverno

Affected ranges

Type: GIT
Repo: https://github.com/kyverno/kyverno
Events: Introduced

4dbffc57a124d14e681874b9839a8c14a41edfe0

Fixed

2f1790a2a39052227e3e8e9b02daee616958eba4

Affected versions

kyverno-chart-2.*

kyverno-chart-2.7.2

kyverno-chart-2.7.3

kyverno-policies-chart-2.*

kyverno-policies-chart-2.7.2

kyverno-policies-chart-2.7.3

v1.*

v1.9.2

v1.9.3