CNNVD-202507-3047 Information
Jul 23, 2025
cve
CNNVD ID
CNNVD-202507-3047
Related CVE
- CNNVD Published: 2025-07-23
Description (Chinese)
Kyverno是Kyverno开源的一个为 Kubernetes 设计的策略引擎。 Kyverno 1.14.1及之前版本和2025.6.0-rc1至2025.6.3版本存在安全漏洞,该漏洞源于JMESPath变量处理不当,可能导致拒绝服务攻击。
Description (English)
Kyverno is a policy engine designed for Kubernetes by Kyverno open source. There is a security loophole in Kyverno 1.14.1 and earlier versions and in versions 2025.6.0-rc1 to 2025.6.3, which stems from the mishandling of JMESPath variables, which may lead to denial of service attacks.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
Kyverno
Published
2025-07-23
Last Modified
2026-02-24
References
https://nvd.nist.gov/vuln/detail/CVE-2025-47281
Patch
https://github.com/kyverno/kyverno/releases
Share on: