CVE-2023-33191

Source
https://cve.org/CVERecord?id=CVE-2023-33191
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-33191.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2023-33191
Aliases
Published
2023-05-30T06:06:14.987Z
Modified
2026-02-16T02:51:54.620343Z
Severity
  • 4.6 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L
Summary
Kyverno seccomp control can be circumvented
Details

Kyverno is a policy engine designed for Kubernetes. Kyverno seccomp control can be circumvented. Users of the podSecurity validate.podSecurity subrule in Kyverno 1.9.2 and 1.9.3 are vulnerable. This issue was patched in version 1.9.4.

Database specific
{
    "cna_assigner": "GitHub_M",
    "cwe_ids": [
        "CWE-284"
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/33xxx/CVE-2023-33191.json"
}
References

Affected packages

Git / github.com/kyverno/kyverno

Affected ranges

Type
GIT
Repo
https://github.com/kyverno/kyverno
Events

Affected versions

kyverno-chart-2.*
kyverno-chart-2.7.2
kyverno-chart-2.7.3
kyverno-policies-chart-2.*
kyverno-policies-chart-2.7.2
kyverno-policies-chart-2.7.3
v1.*
v1.9.2
v1.9.3

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-33191.json"