Vulnerability Details CVE-2023-33191
Kyverno is a policy engine designed for Kubernetes. Kyverno seccomp control can be circumvented. Users of the podSecurity `validate.podSecurity` subrule in Kyverno 1.9.2 and 1.9.3 are vulnerable. This issue was patched in version 1.9.4.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 32.6%
CVSS Severity
CVSS v3 Score 4.6
References
- https://github.com/kyverno/kyverno/pull/7263
- https://github.com/kyverno/kyverno/releases/tag/v1.9.4
- https://github.com/kyverno/kyverno/security/advisories/GHSA-33hq-f2mf-jm3c
- https://github.com/kyverno/kyverno/pull/7263
- https://github.com/kyverno/kyverno/releases/tag/v1.9.4
- https://github.com/kyverno/kyverno/security/advisories/GHSA-33hq-f2mf-jm3c