github.com/kyverno/kyverno is vulnerable to authorization bypass.The vulnerability exists in multiple functions due to an image signature validation which allows an attacker to bypass the restrictions and retrieve data via the verifyImages
rule.
github.com/advisories/GHSA-m3cq-xcx9-3gvm
github.com/golang/vulndb/issues/1186
github.com/kyverno/kyverno/commit/7682030bf928c27bb058edfa6b54fa7aa7efbcd5
github.com/kyverno/kyverno/compare/v1.8.4...v1.8.5
github.com/kyverno/kyverno/pull/5713
github.com/kyverno/kyverno/releases/tag/v1.8.5
github.com/kyverno/kyverno/security/advisories/GHSA-m3cq-xcx9-3gvm
kyverno.io/docs/writing-policies/verify-images/
kyverno.io/policies/best-practices/restrict_image_registries/restrict_image_registries/