CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:N/A:H
AI Score
Confidence
High
EPSS
Percentile
22.8%
github.com/kyverno/kyverno is vulnerable to Denial Of Service (DoS). The vulnerability exists in the Kyvernos Notary verifier when an attacker has control over the registry from which Kyverno fetches attestations. In such a scenario, the attacker could provide a malicious response to Kyverno during its to the registry. This malicious response could lead to a denial-of-service conditions.
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:N/A:H
AI Score
Confidence
High
EPSS
Percentile
22.8%