-
Notifications
You must be signed in to change notification settings - Fork 62
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
x/vulndb: potential Go vuln in github.com/kyverno/kyverno: CVE-2023-33191 #1801
Labels
excluded: EFFECTIVELY_PRIVATE
This vulnerability exists in a package can be imported, but isn't meant to be outside that module.
Comments
tatianab
added
the
excluded: EFFECTIVELY_PRIVATE
This vulnerability exists in a package can be imported, but isn't meant to be outside that module.
label
Jun 2, 2023
Change https://go.dev/cl/500496 mentions this issue: |
This was referenced Nov 13, 2023
Change https://go.dev/cl/592761 mentions this issue: |
Change https://go.dev/cl/606786 mentions this issue: |
gopherbot
pushed a commit
that referenced
this issue
Aug 20, 2024
- data/reports/GO-2023-1785.yaml - data/reports/GO-2023-1793.yaml - data/reports/GO-2023-1795.yaml - data/reports/GO-2023-1800.yaml - data/reports/GO-2023-1801.yaml - data/reports/GO-2023-1803.yaml - data/reports/GO-2023-1804.yaml - data/reports/GO-2023-1806.yaml - data/reports/GO-2023-1808.yaml - data/reports/GO-2023-1809.yaml - data/reports/GO-2023-1819.yaml - data/reports/GO-2023-1827.yaml - data/reports/GO-2023-1828.yaml - data/reports/GO-2023-1829.yaml - data/reports/GO-2023-1831.yaml - data/reports/GO-2023-1849.yaml - data/reports/GO-2023-1850.yaml - data/reports/GO-2023-1851.yaml - data/reports/GO-2023-1852.yaml - data/reports/GO-2023-1853.yaml Updates #1785 Updates #1793 Updates #1795 Updates #1800 Updates #1801 Updates #1803 Updates #1804 Updates #1806 Updates #1808 Updates #1809 Updates #1819 Updates #1827 Updates #1828 Updates #1829 Updates #1831 Updates #1849 Updates #1850 Updates #1851 Updates #1852 Updates #1853 Change-Id: Ib6fb15714358b0a9d7644d6ed43de25bdbd8434b Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/606786 LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Auto-Submit: Tatiana Bradley <tatianabradley@google.com> Reviewed-by: Damien Neil <dneil@google.com>
This was referenced Oct 29, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Labels
excluded: EFFECTIVELY_PRIVATE
This vulnerability exists in a package can be imported, but isn't meant to be outside that module.
CVE-2023-33191 references github.com/kyverno/kyverno, which may be a Go module.
Description:
Kyverno is a policy engine designed for Kubernetes. Kyverno seccomp control can be circumvented. Users of the podSecurity
validate.podSecurity
subrule in Kyverno 1.9.2 and 1.9.3 are vulnerable. This issue was patched in version 1.9.4.References:
Cross references:
See doc/triage.md for instructions on how to triage this report.
The text was updated successfully, but these errors were encountered: