CVE-2023-33191

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2023-33191

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-33191.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2023-33191

Aliases

Related

GHSA-33hq-f2mf-jm3c

Published

2023-05-30T07:15:09Z

Modified

2025-07-02T00:24:32.082395Z

Severity

8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

Kyverno is a policy engine designed for Kubernetes. Kyverno seccomp control can be circumvented. Users of the podSecurity validate.podSecurity subrule in Kyverno 1.9.2 and 1.9.3 are vulnerable. This issue was patched in version 1.9.4.

References

Affected packages

Git / github.com/kyverno/kyverno

Affected ranges

Type: GIT
Repo: https://github.com/kyverno/kyverno
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

2f1790a2a39052227e3e8e9b02daee616958eba4

Affected versions

1.*

1.3.0-rc10

1.6-dev

1.7-dev

1.8-dev

1.9-dev

helm-chart-v2.*

helm-chart-v2.0.3

helm-chart-v2.0.3-rc1

helm-chart-v2.0.3-rc2

helm-chart-v2.1.0

helm-chart-v2.1.3

kyverno-chart-2.*

kyverno-chart-2.7.0

kyverno-chart-2.7.0-beta.1

kyverno-chart-2.7.0-beta.2

kyverno-chart-2.7.0-rc.1

kyverno-chart-2.7.0-rc.2

kyverno-chart-2.7.0-rc.3

kyverno-chart-2.7.0-rc.4

kyverno-chart-2.7.1

kyverno-chart-2.7.1-rc.1

kyverno-chart-2.7.2

kyverno-chart-2.7.2-rc.1

kyverno-chart-2.7.3

kyverno-policies-chart-2.*

kyverno-policies-chart-2.7.0

kyverno-policies-chart-2.7.0-beta.1

kyverno-policies-chart-2.7.0-beta.2

kyverno-policies-chart-2.7.0-rc.1

kyverno-policies-chart-2.7.0-rc.2

kyverno-policies-chart-2.7.0-rc.3

kyverno-policies-chart-2.7.0-rc.4

kyverno-policies-chart-2.7.1

kyverno-policies-chart-2.7.1-rc.1

kyverno-policies-chart-2.7.2

kyverno-policies-chart-2.7.2-rc.1

kyverno-policies-chart-2.7.3

Other

test-dev

v0.*

v0.1.0

v0.10.0

v0.11.0

v0.2.0

v0.3.0

v0.4.0

v0.5.0

v0.6.0

v0.7.0

v0.7.1

v0.8.0

v0.9.0

v0.9.1

v1.*

v1.0.0

v1.0.0-rc1

v1.1.0

v1.1.1

v1.1.10

v1.1.11

v1.1.12

v1.1.2

v1.1.3

v1.1.3-rc1

v1.1.4

v1.1.4-rc1

v1.1.5

v1.1.6

v1.1.6-rc1

v1.1.6-rc2

v1.1.6-rc3

v1.1.6-rc4

v1.1.6-rc5

v1.1.7

v1.1.7-rc1

v1.1.7-rc2

v1.1.7-rc3

v1.1.7-rc4

v1.1.8

v1.1.9

v1.2.0

v1.2.1

v1.3.0

v1.3.0-rc1

v1.3.0-rc10

v1.3.0-rc11

v1.3.0-rc12

v1.3.0-rc2

v1.3.0-rc3

v1.3.0-rc4

v1.3.0-rc5

v1.3.0-rc6

v1.3.0-rc7

v1.3.0-rc8

v1.3.0-rc9

v1.3.1

v1.3.2

v1.3.2-rc1

v1.3.2-rc2

v1.3.2-rc3

v1.3.3

v1.3.4

v1.3.4-rc1

v1.3.5

v1.3.5-rc1

v1.3.5-rc2

v1.3.5-rc3

v1.3.5-rc4

v1.3.5-rc5

v1.3.6

v1.3.6-rc1

v1.3.6-rc2

v1.3.6-rc3

v1.3.6-rc4

v1.3.6-rc5

v1.4.0

v1.4.0-rc1

v1.4.0-rc2

v1.4.0-rc3

v1.4.0-rc4

v1.4.1

v1.4.2

v1.4.2-rc1

v1.4.2-rc2

v1.4.2-rc3

v1.4.2-rc4

v1.4.3

v1.4.3-rc1

v1.4.3-rc2

v1.5.0-rc1

v1.9.0

v1.9.0-beta.1

v1.9.0-beta.2

v1.9.0-rc.1

v1.9.0-rc.2

v1.9.0-rc.3

v1.9.0-rc.4

v1.9.1

v1.9.1-rc.1

v1.9.2

v1.9.2-rc.1

v1.9.3