CVE-2023-33191 MEDIUM

CVE-2023-33191: kyverno seccomp control can be circumvented

Vendor Kyverno

Product kyverno

Weakness CWE-284

Published May 30, 2023

Last update January 10, 2025

View on NVD All CVEs

CVSS base score

4.6/10

Attack vector Network

Attack complexity High

Privileges required Low

User interaction Required

Confidentiality Low

Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L

What the vulnerability does

01Description

Kyverno is a policy engine designed for Kubernetes. Kyverno seccomp control can be circumvented. Users of the podSecurity `validate.podSecurity` subrule in Kyverno 1.9.2 and 1.9.3 are vulnerable. This issue was patched in version 1.9.4.

Key dates

02Disclosure timeline

May 30, 2023 CVE published

January 10, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2023-33191

Related vulnerabilities

CVE-2023-33191: kyverno seccomp control can be circumvented

01Description

02Disclosure timeline

03References

04Related CVE