CNNVD-202601-4496 Information
CNNVD ID
CNNVD-202601-4496
Related CVE
- CNNVD Published: 2026-01-27
Description (Chinese)
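Kyverno is an open-source policy engine designed for Kubernetes, developed by the Kyverno project. Kyverno versions before 1.16.3 and before 1.15.3 contain a code issue vulnerability. It stems from an authorization boundary bypass in the namespaced Kyverno Policy apiCall, which may allow cross-namespace reads or writes and break namespace isolation.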
Description (English)
Kyverno is an open-source policy engine designed for Kubernetes. Kyverno versions before 1.16.3 and before 1.15.3 contain a code issue vulnerability caused by an authorization boundary bypass in the namespaced Kyverno Policy apiCall, which could allow reading or writing across namespaces and break namespace isolation.
Hazard Level
Low
Vulnerability Type
Code issue
Affected Vendor
Kyverno
Published
2026-01-27
Last Modified
2026-02-24
References
https://github.com/kyverno/kyverno/commit/eba60fa856c781bcb9c3be066061a3df03ae4e3e
https://github.com/kyverno/kyverno/security/advisories/GHSA-8p9x-46gm-qfx2
https://github.com/kyverno/kyverno/commit/e0ba4de4f1e0ca325066d5095db51aec45b1407b
https://access.redhat.com/security/cve/cve-2026-22039
Patch
https://github.com/kyverno/kyverno/releases