CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
59.6%
Users of the podSecurity (validate.podSecurity
) subrule in Kyverno versions v1.9.2 and v1.9.3 may be unable to enforce the check for the Seccomp control at the baseline level when using a version
value of latest
. There is no effect if a version number is referenced instead. See the documentation for information on this subrule type. Users of Kyverno v1.9.2 and v1.9.3 are affected.
v1.9.4
v1.10.0
To work around this issue without upgrading to v1.9.4, temporarily install individual policies for the respective Seccomp checks in baseline here and restricted here.