{"vulnerability": "ghsa-m3cq-xcx9-3gvm", "sightings": [{"uuid": "94aae78f-cee1-409b-b5b1-1e2c617cb7be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-M3CQ-XCX9-3GVM", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/11748", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-47633\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An image signature validation bypass vulnerability in Kyverno 1.8.3 and 1.8.4 allows a malicious image registry (or a man-in-the-middle attacker) to inject unsigned arbitrary container images into a protected Kubernetes cluster. This is fixed in 1.8.5. This has been fixed in 1.8.5 and mitigations are available for impacted releases.\n\ud83d\udccf Published: 2022-12-23T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-15T03:22:55.828Z\n\ud83d\udd17 References:\n1. https://kyverno.io/docs/writing-policies/verify-images/\n2. https://github.com/kyverno/kyverno/compare/v1.8.4...v1.8.5\n3. https://github.com/kyverno/kyverno/releases/tag/v1.8.5\n4. https://github.com/kyverno/kyverno/pull/5713\n5. https://github.com/kyverno/kyverno/security/advisories/GHSA-m3cq-xcx9-3gvm", "creation_timestamp": "2025-04-15T03:54:26.000000Z"}]}