x/vulndb: potential Go vuln in github.com/kyverno/kyverno: CVE-2022-47633

[GoVulnBot]

CVE-2022-47633 references github.com/kyverno/kyverno, which may be a Go module.

Description:
An image signature validation bypass vulnerability in Kyverno 1.8.3 and 1.8.4 allows a malicious image registry (or a man-in-the-middle attacker) to inject unsigned arbitrary container images into a protected Kubernetes cluster. This is fixed in 1.8.5. This has been fixed in 1.8.5 and mitigations are available for impacted releases.

References:

• NIST: https://nvd.nist.gov/vuln/detail/CVE-2022-47633
• JSON: https://github.com/CVEProject/cvelist/tree/52f491019fdaaba81856a5901f54073f97d675fe/2022/47xxx/CVE-2022-47633.json
• web: https://kyverno.io/docs/writing-policies/verify-images/
• web: kyverno/kyverno@v1.8.4...v1.8.5
• web: https://github.com/kyverno/kyverno/releases/tag/v1.8.5
• fix: Require predicate type kyverno/kyverno#5713
• web: GHSA-m3cq-xcx9-3gvm
• Imported by: https://pkg.go.dev/github.com/kyverno/kyverno?tab=importedby

Cross references:
No existing reports found with this module or alias.

See doc/triage.md for instructions on how to triage this report.

modules:
  - module: github.com/kyverno/kyverno
    packages:
      - package: n/a
description: |
    An image signature validation bypass vulnerability in Kyverno 1.8.3 and 1.8.4 allows a malicious image registry (or a man-in-the-middle attacker) to inject unsigned arbitrary container images into a protected Kubernetes cluster. This is fixed in 1.8.5. This has been fixed in 1.8.5 and mitigations are available for impacted releases.
cves:
  - CVE-2022-47633
references:
  - web: https://kyverno.io/docs/writing-policies/verify-images/
  - web: https://github.com/kyverno/kyverno/compare/v1.8.4...v1.8.5
  - web: https://github.com/kyverno/kyverno/releases/tag/v1.8.5
  - fix: https://github.com/kyverno/kyverno/pull/5713
  - web: https://github.com/kyverno/kyverno/security/advisories/GHSA-m3cq-xcx9-3gvm

[timothy-king]

Duplicate of #1180