Home
Blog
Kyverno’s container image signature verification can be bypassed
CVE-2022-47633

Kyverno’s container image signature verification can be bypassed <br /> CVE-2022-47633

Kyverno’s container image signature verification can be bypassed
CVE-2022-47633

Mar 1, 2023

Jonathan Kaftzan
VP Marketing & Business Development

Dec 21, 2022 – The vulnerability enables an attacker who is either running a malicious container image registry or is able to act as a proxy between the registry and Kyverno, to inject unsigned images into the protected cluster, bypassing the image verification policy.

Share

Related Articles

Apr 17, 2024

What it takes to do Cloud Detection & Response

A guest post by James Berthoty the founder of Latio Tech. The shift to cloud...

James Berthoty

Founder, Latio Tech

Apr 8, 2024

Seccomp internals deep dive – Part 1

Seccomp, short for Secure Computing Mode, is a noteworthy tool offered by the Linux kernel....

Amit Schendel

Security Researcher

Apr 3, 2024

Yet another reason why the xz backdoor is a sneaky b@$tard

(We are talking about the xz/libzma backdoor identified with CVE-2024-3094) Background If you just woke...

Ben Hirschberg

CTO & Co-founder