Vulnerability-Lookup

Vulnerability from cleanstart

Published

2026-01-30 15:00

Modified

2026-01-29 18:58

Summary

Cancelling a query (e

Details

Multiple security vulnerabilities affect the kyverno-policy-reporter-kyverno-plugin-fips package. Cancelling a query (e. See references for individual vulnerability details.

Severity

9.8 (Critical)


                    
                      CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References

URL

Type

	https://github.com/cleanstart-dev/cleanstart-secu…	ADVISORY
	https://osv.dev/vulnerability/CVE-2025-47907	WEB
	https://osv.dev/vulnerability/GHSA-2464-8J7C-4CJM	WEB
	https://osv.dev/vulnerability/GHSA-29WX-VH33-7X7R	WEB
	https://osv.dev/vulnerability/GHSA-2X5J-VHC8-9CWM	WEB
	https://osv.dev/vulnerability/GHSA-459X-Q9HG-4GPQ	WEB
	https://osv.dev/vulnerability/GHSA-4QG8-FJ49-PXJH	WEB
	https://osv.dev/vulnerability/GHSA-4VQ8-7JFC-9CVP	WEB
	https://osv.dev/vulnerability/GHSA-6M8W-JC87-6CR7	WEB
	https://osv.dev/vulnerability/GHSA-88JX-383Q-W4QC	WEB
	https://osv.dev/vulnerability/GHSA-C5Q2-7R4C-MV6G	WEB
	https://osv.dev/vulnerability/GHSA-C6GW-W398-HV78	WEB
	https://osv.dev/vulnerability/GHSA-C77R-FH37-X2PX	WEB
	https://osv.dev/vulnerability/GHSA-F83F-XPX7-FFPW	WEB
	https://osv.dev/vulnerability/GHSA-FV92-FJC5-JJ9H	WEB
	https://osv.dev/vulnerability/GHSA-JRR2-X33P-6HVC	WEB
	https://osv.dev/vulnerability/GHSA-MH63-6H87-95CP	WEB
	https://osv.dev/vulnerability/GHSA-QJVC-P88J-J9RM	WEB
	https://osv.dev/vulnerability/GHSA-R5P3-955P-5GGQ	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-47907	WEB

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "CleanStart",
        "name": "kyverno-policy-reporter-kyverno-plugin-fips"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.4.2-r4"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "credits": [],
  "database_specific": {},
  "details": "Multiple security vulnerabilities affect the kyverno-policy-reporter-kyverno-plugin-fips package. Cancelling a query (e. See references for individual vulnerability details.",
  "id": "CLEANSTART-2026-PD17156",
  "modified": "2026-01-29T18:58:54Z",
  "published": "2026-01-30T15:00:22.872625Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-PD17156"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-47907"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/GHSA-2464-8J7C-4CJM"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/GHSA-29WX-VH33-7X7R"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/GHSA-2X5J-VHC8-9CWM"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/GHSA-459X-Q9HG-4GPQ"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/GHSA-4QG8-FJ49-PXJH"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/GHSA-4VQ8-7JFC-9CVP"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/GHSA-6M8W-JC87-6CR7"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/GHSA-88JX-383Q-W4QC"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/GHSA-C5Q2-7R4C-MV6G"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/GHSA-C6GW-W398-HV78"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/GHSA-C77R-FH37-X2PX"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/GHSA-F83F-XPX7-FFPW"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/GHSA-FV92-FJC5-JJ9H"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/GHSA-JRR2-X33P-6HVC"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/GHSA-MH63-6H87-95CP"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/GHSA-QJVC-P88J-J9RM"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/GHSA-R5P3-955P-5GGQ"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47907"
    }
  ],
  "related": [],
  "schema_version": "1.7.3",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Cancelling a query (e",
  "upstream": [
    "CVE-2025-47907",
    "GHSA-2464-8J7C-4CJM",
    "GHSA-29WX-VH33-7X7R",
    "GHSA-2X5J-VHC8-9CWM",
    "GHSA-459X-Q9HG-4GPQ",
    "GHSA-4QG8-FJ49-PXJH",
    "GHSA-4VQ8-7JFC-9CVP",
    "GHSA-6M8W-JC87-6CR7",
    "GHSA-88JX-383Q-W4QC",
    "GHSA-C5Q2-7R4C-MV6G",
    "GHSA-C6GW-W398-HV78",
    "GHSA-C77R-FH37-X2PX",
    "GHSA-F83F-XPX7-FFPW",
    "GHSA-FV92-FJC5-JJ9H",
    "GHSA-JRR2-X33P-6HVC",
    "GHSA-MH63-6H87-95CP",
    "GHSA-QJVC-P88J-J9RM",
    "GHSA-R5P3-955P-5GGQ"
  ]
}

GHSA-C6GW-W398-HV78

Vulnerability from github – Published: 2025-02-24 22:49 – Updated: 2025-02-26 22:16

Summary

DoS in go-jose Parsing

Details

Impact

When parsing compact JWS or JWE input, go-jose could use excessive memory. The code used strings.Split(token, ".") to split JWT tokens, which is vulnerable to excessive memory consumption when processing maliciously crafted tokens with a large number of '.' characters. An attacker could exploit this by sending numerous malformed tokens, leading to memory exhaustion and a Denial of Service.

Patches

Version 4.0.5 fixes this issue

Workarounds

Applications could pre-validate payloads passed to go-jose do not contain an excessive number of '.' characters.

References

This is the same sort of issue as in the golang.org/x/oauth2/jws package as CVE-2025-22868 and Go issue https://go.dev/issue/71490.

Severity

6.9 (Medium)


                  
                    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/go-jose/go-jose/v4"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.0.5"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/go-jose/go-jose/v3"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "3.0.4"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/go-jose/go-jose"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "3.0.4"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-27144"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-400",
      "CWE-770"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-02-24T22:49:19Z",
    "nvd_published_at": "2025-02-24T23:15:11Z",
    "severity": "MODERATE"
  },
  "details": "### Impact\nWhen parsing compact JWS or JWE input, go-jose could use excessive memory. The code used strings.Split(token, \".\") to split JWT tokens, which is vulnerable to excessive memory consumption when processing maliciously crafted tokens with a large number of \u0027.\u0027 characters.  An attacker could exploit this by sending numerous malformed tokens, leading to memory exhaustion and a Denial of Service.\n\n### Patches\nVersion 4.0.5 fixes this issue\n\n### Workarounds\nApplications could pre-validate payloads passed to go-jose do not contain an excessive number of \u0027.\u0027 characters.\n\n### References\nThis is the same sort of issue as in the golang.org/x/oauth2/jws package as CVE-2025-22868 and Go issue https://go.dev/issue/71490.",
  "id": "GHSA-c6gw-w398-hv78",
  "modified": "2025-02-26T22:16:36Z",
  "published": "2025-02-24T22:49:19Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/go-jose/go-jose/security/advisories/GHSA-c6gw-w398-hv78"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-27144"
    },
    {
      "type": "WEB",
      "url": "https://github.com/golang/go/issues/71490"
    },
    {
      "type": "WEB",
      "url": "https://github.com/go-jose/go-jose/commit/99b346cec4e86d102284642c5dcbe9bb0cacfc22"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/go-jose/go-jose"
    },
    {
      "type": "WEB",
      "url": "https://github.com/go-jose/go-jose/releases/tag/v4.0.5"
    },
    {
      "type": "WEB",
      "url": "https://go.dev/issue/71490"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "DoS in go-jose Parsing"
}

GHSA-C77R-FH37-X2PX

Vulnerability from github – Published: 2024-08-30 15:31 – Updated: 2024-09-20 22:06

Summary

OPA for Windows has an SMB force-authentication vulnerability

Details

A SMB force-authentication vulnerability exists in all versions of OPA for Windows prior to v0.68.0. The vulnerability exists because of improper input validation, allowing a user to pass an arbitrary SMB share instead of a Rego file as an argument to OPA CLI or to one of the OPA Go library’s functions.

Severity

6.1 (Medium)


                  
                    CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:L

5.2 (Medium)


                  
                    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/open-policy-agent/opa"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.68.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2024-8260"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-294"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-09-19T19:47:47Z",
    "nvd_published_at": "2024-08-30T13:15:12Z",
    "severity": "MODERATE"
  },
  "details": "A SMB force-authentication vulnerability exists in all versions of OPA for Windows prior to v0.68.0. The vulnerability exists because of improper input validation, allowing a user to pass an arbitrary SMB share instead of a Rego file as an argument to OPA CLI or to one of the OPA Go library\u2019s functions.",
  "id": "GHSA-c77r-fh37-x2px",
  "modified": "2024-09-20T22:06:08Z",
  "published": "2024-08-30T15:31:30Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8260"
    },
    {
      "type": "WEB",
      "url": "https://github.com/open-policy-agent/opa/commit/10f4d553e6bb6ae9c69611ecdd9a77dda857070e"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/open-policy-agent/opa"
    },
    {
      "type": "WEB",
      "url": "https://github.com/open-policy-agent/opa/releases/tag/v0.68.0"
    },
    {
      "type": "WEB",
      "url": "https://pkg.go.dev/vuln/GO-2024-3141"
    },
    {
      "type": "WEB",
      "url": "https://www.tenable.com/security/research/tra-2024-36"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:L",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "OPA for Windows has an SMB force-authentication vulnerability"
}

GHSA-F83F-XPX7-FFPW

Vulnerability from github – Published: 2025-12-05 18:18 – Updated: 2025-12-05 18:18

Summary

Fulcio allocates excessive memory during token parsing

Details

Function identity.extractIssuerURL currently splits (via a call to strings.Split) its argument (which is untrusted data) on periods.

As a result, in the face of a malicious request with an (invalid) OIDC identity token in the payload containing many period characters, a call to extractIssuerURL incurs allocations to the tune of O(n) bytes (where n stands for the length of the function's argument), with a constant factor of about 16. Relevant weakness: CWE-405: Asymmetric Resource Consumption (Amplification)

Details See identity.extractIssuerURL

Impact Excessive memory allocation

Severity

7.5 (High)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 1.8.2"
      },
      "package": {
        "ecosystem": "Go",
        "name": "github.com/sigstore/fulcio"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.8.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-66506"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-405"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-12-05T18:18:26Z",
    "nvd_published_at": "2025-12-04T22:15:49Z",
    "severity": "HIGH"
  },
  "details": "Function [identity.extractIssuerURL](https://github.com/sigstore/fulcio/blob/main/pkg/identity/issuerpool.go#L44-L45) currently splits (via a call to [strings.Split](https://pkg.go.dev/strings#Split)) its argument (which is untrusted data) on periods.\n\nAs a result, in the face of a malicious request with an (invalid) OIDC identity token in the payload containing many period characters, a call to `extractIssuerURL` incurs allocations to the tune of O(n) bytes (where n stands for the length of the function\u0027s argument), with a constant factor of about 16. Relevant weakness: [CWE-405: Asymmetric Resource Consumption (Amplification)](https://cwe.mitre.org/data/definitions/405.html)\n\nDetails\nSee [identity.extractIssuerURL](https://github.com/sigstore/fulcio/blob/main/pkg/identity/issuerpool.go#L44-L45)\n\nImpact\nExcessive memory allocation",
  "id": "GHSA-f83f-xpx7-ffpw",
  "modified": "2025-12-05T18:18:26Z",
  "published": "2025-12-05T18:18:26Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/sigstore/fulcio/security/advisories/GHSA-f83f-xpx7-ffpw"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66506"
    },
    {
      "type": "WEB",
      "url": "https://github.com/sigstore/fulcio/commit/765a0e57608b9ef390e1eeeea8595b9054c63a5a"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/sigstore/fulcio"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Fulcio allocates excessive memory during token parsing"
}

GHSA-FV92-FJC5-JJ9H

Vulnerability from github – Published: 2025-06-27 16:24 – Updated: 2025-06-27 16:24

Summary

mapstructure May Leak Sensitive Information in Logs When Processing Malformed Data

Details

Summary

Use of this library in a security-critical context may result in leaking sensitive information, if used to process sensitive fields.

Details

OpenBao (and presumably HashiCorp Vault) have surfaced error messages from mapstructure as follows:

https://github.com/openbao/openbao/blob/98c3a59c040efca724353ca46ca79bd5cdbab920/sdk/framework/field_data.go#L43-L50

            _, _, err := d.getPrimitive(field, schema)
            if err != nil {
                return fmt.Errorf("error converting input for field %q: %w", field, err)
            }

where this calls mapstructure.WeakDecode(...): https://github.com/openbao/openbao/blob/98c3a59c040efca724353ca46ca79bd5cdbab920/sdk/framework/field_data.go#L181-L193


func (d *FieldData) getPrimitive(k string, schema *FieldSchema) (interface{}, bool, error) {
    raw, ok := d.Raw[k]
    if !ok {
        return nil, false, nil
    }

    switch t := schema.Type; t {
    case TypeBool:
        var result bool
        if err := mapstructure.WeakDecode(raw, &result); err != nil {
            return nil, false, err
        }
        return result, true, nil

Notably, WeakDecode(...) eventually calls one of the decode helpers, which surfaces the original value:

https://github.com/go-viper/mapstructure/blob/1a66224d5e54d8757f63bd66339cf764c3292c21/mapstructure.go#L679-L686

https://github.com/go-viper/mapstructure/blob/1a66224d5e54d8757f63bd66339cf764c3292c21/mapstructure.go#L726-L730

https://github.com/go-viper/mapstructure/blob/1a66224d5e54d8757f63bd66339cf764c3292c21/mapstructure.go#L783-L787

& more.

PoC

To reproduce with OpenBao:

$ podman run -p 8300:8300 openbao/openbao:latest server -dev -dev-root-token-id=root -dev-listen-address=0.0.0.0:8300

and in a new tab:

$ BAO_TOKEN=root BAO_ADDR=http://localhost:8300 bao auth enable userpass
Success! Enabled userpass auth method at: userpass/
$ curl -X PUT -H "X-Vault-Request: true" -H "X-Vault-Token: root" -d '{"password":{"asdf":"my-sensitive-value"}}' "http://localhost:8300/v1/auth/userpass/users/adsf"
{"errors":["error converting input for field \"password\": '' expected type 'string', got unconvertible type 'map[string]interface {}', value: 'map[asdf:my-sensitive-value]'"]}

Impact

This is an information disclosure bug with little mitigation. See https://discuss.hashicorp.com/t/hcsec-2025-09-vault-may-expose-sensitive-information-in-error-logs-when-processing-malformed-data-with-the-kv-v2-plugin/74717 for a previous version. That version was fixed, but this is in the second part of that error message (starting at '' expected a map, got 'string' -- when the field type is string and a map is provided, we see the above information leak -- the previous example had a map type field with a string value provided).

This was rated 4.5 Medium by HashiCorp in the past iteration.

Severity

5.3 (Medium)


                  
                    CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/go-viper/mapstructure/v2"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.3.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-06-27T16:24:59Z",
    "nvd_published_at": null,
    "severity": "MODERATE"
  },
  "details": "### Summary\n\nUse of this library in a security-critical context may result in leaking sensitive information, if used to process sensitive fields.\n\n### Details\n\nOpenBao (and presumably HashiCorp Vault) have surfaced error messages from `mapstructure` as follows:\n\nhttps://github.com/openbao/openbao/blob/98c3a59c040efca724353ca46ca79bd5cdbab920/sdk/framework/field_data.go#L43-L50\n\n```go\n\t\t\t_, _, err := d.getPrimitive(field, schema)\n\t\t\tif err != nil {\n\t\t\t\treturn fmt.Errorf(\"error converting input for field %q: %w\", field, err)\n\t\t\t}\n```\n\nwhere this calls `mapstructure.WeakDecode(...)`: https://github.com/openbao/openbao/blob/98c3a59c040efca724353ca46ca79bd5cdbab920/sdk/framework/field_data.go#L181-L193\n\n```go\n\nfunc (d *FieldData) getPrimitive(k string, schema *FieldSchema) (interface{}, bool, error) {\n\traw, ok := d.Raw[k]\n\tif !ok {\n\t\treturn nil, false, nil\n\t}\n\n\tswitch t := schema.Type; t {\n\tcase TypeBool:\n\t\tvar result bool\n\t\tif err := mapstructure.WeakDecode(raw, \u0026result); err != nil {\n\t\t\treturn nil, false, err\n\t\t}\n\t\treturn result, true, nil\n```\n\nNotably, `WeakDecode(...)` eventually calls one of the decode helpers, which surfaces the original value:\n\nhttps://github.com/go-viper/mapstructure/blob/1a66224d5e54d8757f63bd66339cf764c3292c21/mapstructure.go#L679-L686\n\nhttps://github.com/go-viper/mapstructure/blob/1a66224d5e54d8757f63bd66339cf764c3292c21/mapstructure.go#L726-L730\n\nhttps://github.com/go-viper/mapstructure/blob/1a66224d5e54d8757f63bd66339cf764c3292c21/mapstructure.go#L783-L787\n\n\u0026 more.\n\n### PoC\n\nTo reproduce with OpenBao:\n\n```\n$ podman run -p 8300:8300 openbao/openbao:latest server -dev -dev-root-token-id=root -dev-listen-address=0.0.0.0:8300\n```\n\nand in a new tab:\n\n```\n$ BAO_TOKEN=root BAO_ADDR=http://localhost:8300 bao auth enable userpass\nSuccess! Enabled userpass auth method at: userpass/\n$ curl -X PUT -H \"X-Vault-Request: true\" -H \"X-Vault-Token: root\" -d \u0027{\"password\":{\"asdf\":\"my-sensitive-value\"}}\u0027 \"http://localhost:8300/v1/auth/userpass/users/adsf\"\n{\"errors\":[\"error converting input for field \\\"password\\\": \u0027\u0027 expected type \u0027string\u0027, got unconvertible type \u0027map[string]interface {}\u0027, value: \u0027map[asdf:my-sensitive-value]\u0027\"]}\n```\n\n### Impact\n\nThis is an information disclosure bug with little mitigation. See https://discuss.hashicorp.com/t/hcsec-2025-09-vault-may-expose-sensitive-information-in-error-logs-when-processing-malformed-data-with-the-kv-v2-plugin/74717 for a previous version. That version was fixed, but this is in the second part of that error message (starting at `\u0027\u0027 expected a map, got \u0027string\u0027` -- when the field type is `string` and a `map` is provided, we see the above information leak -- the previous example had a `map` type field with a `string` value provided).\n\nThis was rated 4.5 Medium by HashiCorp in the past iteration.",
  "id": "GHSA-fv92-fjc5-jj9h",
  "modified": "2025-06-27T16:24:59Z",
  "published": "2025-06-27T16:24:59Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/go-viper/mapstructure/security/advisories/GHSA-fv92-fjc5-jj9h"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/go-viper/mapstructure"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "mapstructure May Leak Sensitive Information in Logs When Processing Malformed Data"
}

GHSA-JRR2-X33P-6HVC

Vulnerability from github – Published: 2025-04-29 16:39 – Updated: 2025-05-05 21:59

Summary

Kyverno vulnerable to bypass of policy rules that use namespace selectors in match statements

Details

Summary

Due to a missing error propagation in function GetNamespaceSelectorsFromNamespaceLister in pkg/utils/engine/labels.go it may happen that policy rules using namespace selector(s) in their match statements are mistakenly not applied during admission review request processing. As a consequence, security-critical mutations and validations are bypassed, potentially allowing attackers with K8s API access to perform malicious operations.

Details

As a policy engine Kyverno is a critical component ensuring the security of Kubernetes clusters by apply security-relevant policy rules in the Kubernetes admission control process.

We encountered a case where Kyverno did not apply policy rules which should have been applied. This happened in both the mutation and the validation phase of admission control. Effectively Kyverno handled the admission review requests as if those policy rules did not exist. Consequently, the Kube API request was accepted without applying security-relevant patches and validations.

As the root cause we identified a missing error propagation in function GetNamespaceSelectorsFromNamespaceLister in pkg/utils/engine/labels.go (src).

All affected policy rules use a namespace selector in their match resource filters like this:

match:
  all:
  - resources:
      namespaceSelector:
        matchExpressions:
        - key: label1
          operator: Exists

Such specification intents to apply rules only to resource objects which reside in a namespace whose labels match the given label expressions.

When Kyverno handles an admission webhook, function GetNamespaceSelectorsFromNamespaceLister in package github.com/kyverno/kyverno/pkg/utils/engine (src) is called to retrieve the labels of the request object's namespace. This function gets the namespace object from a "k8s.io/client-go/listers/core/v1".NamespaceLister. In case the namespace lister returns an error, GetNamespaceSelectorsFromNamespaceLister does NOT propagate this error to its caller, but returns an empty label map, which is equivalent to a namespace without any labels.

The returned label map is later used to select matching policy rules. If a rule has a resource filter with namespace selector, it will be mistakenly excluded or included.

The namespace lister fails to return the namespace object if the underlying SharedIndexInformer has not (yet) updated its cache. Those updates happen based on watch events from the Kube API Server, which does not guarantee any maximum delivery time. If the Kube API Server handling the watch is under high load or otherwise impaired (e.g. requests to etcd take longer due to pending leader election in HA setup) then informer cache updates can be delayed significantly. However, we did not find a way to reliably reproduce such condition.

To bypass Kyverno policies, an attacker may try to exploit the described misbehavior by:

putting the Kube API Server under load before sending requests that Kyverno policies should be bypassed for.
sending many request with a high rate to Kube API Server.

We did not try any of such attack vectors and therefore cannot prove their effectiveness.

In our scenario the Kyverno policies apply to pods in "sandbox" namespaces identified as such by certain labels. Those single-use namespaces and the pods therein are frequently created (and removed) by other controllers. Therefore, Kyverno often receives admission webhooks for objects whose namespace has been created shortly before.

Correction Proposal

Function GetNamespaceSelectorsFromNamespaceLister in package github.com/kyverno/kyverno/pkg/utils/engine (src) should return an error instead of an empty label map in case it could not get the namespace object from the namespace lister. This error will then cause admission webhook processing to fail, which lets Kubernetes fail the Kube API request if the policy's failure policy is Fail (a must for security-relevant policies).

In addition, function GetNamespaceSelectorsFromNamespaceLister could retry (with deadline) to get the namespace object from the namespace lister in case of a NotFound error. But as admission webhook processing time should be kept as short as possible, this might not be a good idea.

Another option would be to perform a GET request for the namespace as a fallback in case the namespace lister returns a NotFound error.

PoC

We did not find a way to reliably reproduce such case.

Impact

Administrators attempting to enforce cluster security through Kyverno policies, but that allow less privileged users or service accounts to create/update/delete resources.

Severity

8.5 (High)


                  
                    CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/kyverno/kyverno"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.13.5"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/kyverno/kyverno"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "1.14.0-alpha.1"
            },
            {
              "fixed": "1.14.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-46342"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1287"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-04-29T16:39:33Z",
    "nvd_published_at": "2025-04-30T15:16:02Z",
    "severity": "HIGH"
  },
  "details": "### Summary\n\nDue to a missing error propagation in function `GetNamespaceSelectorsFromNamespaceLister` in `pkg/utils/engine/labels.go` it may happen that policy rules using namespace selector(s) in their `match` statements are mistakenly not applied during admission review request processing. As a consequence, security-critical mutations and validations are bypassed, potentially allowing attackers with K8s API access to perform malicious operations.\n\n### Details\n\nAs a policy engine Kyverno is a critical component ensuring the security of Kubernetes clusters by apply security-relevant policy rules in the Kubernetes admission control process.\n\nWe encountered a case where Kyverno did not apply policy rules which should have been applied.  This happened in both the mutation and the validation phase of admission control.  Effectively Kyverno handled the admission review requests as\nif those policy rules did not exist.  Consequently, the Kube API request was accepted without applying security-relevant patches and validations.\n\nAs the root cause we identified a missing error propagation in function `GetNamespaceSelectorsFromNamespaceLister` in `pkg/utils/engine/labels.go` ([src][1]).\n\nAll affected policy rules use a namespace selector in their match resource filters like this:\n\n```yaml\nmatch:\n  all:\n  - resources:\n      namespaceSelector:\n        matchExpressions:\n        - key: label1\n          operator: Exists\n```\n\nSuch specification intents to apply rules only to resource objects which reside in a namespace whose labels match the given label expressions.\n\nWhen Kyverno handles an admission webhook, function `GetNamespaceSelectorsFromNamespaceLister` in package\n`github.com/kyverno/kyverno/pkg/utils/engine` ([src][1]) is called to retrieve the labels of the request object\u0027s namespace.  This function gets the namespace object from a `\"k8s.io/client-go/listers/core/v1\".NamespaceLister`.  In case the\nnamespace lister returns an error, `GetNamespaceSelectorsFromNamespaceLister` does NOT propagate this error to its caller, but returns an empty label map, which is equivalent to a namespace without any labels.\n\nThe returned label map is later used to select matching policy rules.  If a rule has a resource filter with namespace selector, it will be mistakenly excluded or included.\n\nThe namespace lister fails to return the namespace object if the underlying `SharedIndexInformer` has not (yet) updated its cache.  Those updates happen based on watch events from the Kube API Server, which does not guarantee any maximum delivery time.  If the Kube API Server handling the watch is under high load or otherwise impaired (e.g. requests to etcd take longer due to pending leader election in HA setup) then informer cache updates can be delayed significantly.  However, we did not find a way to reliably reproduce such condition.\n\nTo bypass Kyverno policies, an attacker may try to exploit the described misbehavior by:\n\n- putting the Kube API Server under load before sending requests that Kyverno policies should be bypassed for.\n\n- sending many request with a high rate to Kube API Server.\n\nWe did not try any of such attack vectors and therefore cannot prove their effectiveness.\n\nIn our scenario the Kyverno policies apply to pods in \"sandbox\" namespaces identified as such by certain labels.  Those single-use namespaces and the pods therein are frequently created (and removed) by other controllers.  Therefore, Kyverno often receives admission webhooks for objects whose namespace has been created shortly before.\n\n#### Correction Proposal\n\nFunction `GetNamespaceSelectorsFromNamespaceLister` in package `github.com/kyverno/kyverno/pkg/utils/engine` ([src][1]) should return an error instead of an empty label map in case it could not get the namespace object from the namespace lister.  This error will then cause admission webhook processing to fail, which lets Kubernetes fail the Kube API request if the policy\u0027s failure policy is `Fail` (a must for security-relevant policies).\n\nIn addition, function `GetNamespaceSelectorsFromNamespaceLister` could retry (with deadline) to get the namespace object from the namespace lister in case of a NotFound error.  But as admission webhook processing time should be kept as short as possible, this might not be a good idea.\n\nAnother option would be to perform a GET request for the namespace as a fallback in case the namespace lister returns a NotFound error.\n\n### PoC\n\nWe did not find a way to reliably reproduce such case.\n\n### Impact\n\nAdministrators attempting to enforce cluster security through Kyverno policies, but that allow less privileged users or service accounts to create/update/delete resources.\n\n\n[1]: https://github.com/kyverno/kyverno/blob/a96b1a4794b4d25cb0c6d72c05fc6355e95cf65c/pkg/utils/engine/labels.go#L10",
  "id": "GHSA-jrr2-x33p-6hvc",
  "modified": "2025-05-05T21:59:04Z",
  "published": "2025-04-29T16:39:33Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/kyverno/kyverno/security/advisories/GHSA-jrr2-x33p-6hvc"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-46342"
    },
    {
      "type": "WEB",
      "url": "https://github.com/kyverno/kyverno/commit/3ff923b7756e1681daf73849954bd88516589194"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/kyverno/kyverno"
    },
    {
      "type": "WEB",
      "url": "https://pkg.go.dev/vuln/GO-2025-3652"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Kyverno vulnerable to bypass of policy rules that use namespace selectors in match statements"
}

GHSA-MH63-6H87-95CP

Vulnerability from github – Published: 2025-03-21 22:04 – Updated: 2025-04-10 13:02

Summary

jwt-go allows excessive memory allocation during header parsing

Details

Summary

Function parse.ParseUnverified currently splits (via a call to strings.Split) its argument (which is untrusted data) on periods.

As a result, in the face of a malicious request whose Authorization header consists of Bearer followed by many period characters, a call to that function incurs allocations to the tune of O(n) bytes (where n stands for the length of the function's argument), with a constant factor of about 16. Relevant weakness: CWE-405: Asymmetric Resource Consumption (Amplification)

Details

See parse.ParseUnverified

Impact

Excessive memory allocation

Severity

7.5 (High)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

8.7 (High)


                  
                    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/golang-jwt/jwt/v5"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "5.0.0-rc.1"
            },
            {
              "fixed": "5.2.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/golang-jwt/jwt/v4"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.5.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/golang-jwt/jwt"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "3.2.0"
            },
            {
              "last_affected": "3.2.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-30204"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-405"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-03-21T22:04:00Z",
    "nvd_published_at": "2025-03-21T22:15:26Z",
    "severity": "HIGH"
  },
  "details": "### Summary\n\nFunction [`parse.ParseUnverified`](https://github.com/golang-jwt/jwt/blob/c035977d9e11c351f4c05dfeae193923cbab49ee/parser.go#L138-L139) currently splits (via a call to [strings.Split](https://pkg.go.dev/strings#Split)) its argument (which is untrusted data) on periods.\n\nAs a result, in the face of a malicious request whose _Authorization_ header consists of `Bearer ` followed by many period characters, a call to that function incurs allocations to the tune of O(n) bytes (where n stands for the length of the function\u0027s argument), with a constant factor of about 16. Relevant weakness: [CWE-405: Asymmetric Resource Consumption (Amplification)](https://cwe.mitre.org/data/definitions/405.html)\n\n### Details\n\nSee [`parse.ParseUnverified`](https://github.com/golang-jwt/jwt/blob/c035977d9e11c351f4c05dfeae193923cbab49ee/parser.go#L138-L139) \n\n### Impact\n\nExcessive memory allocation",
  "id": "GHSA-mh63-6h87-95cp",
  "modified": "2025-04-10T13:02:34Z",
  "published": "2025-03-21T22:04:00Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/golang-jwt/jwt/security/advisories/GHSA-mh63-6h87-95cp"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-30204"
    },
    {
      "type": "WEB",
      "url": "https://github.com/golang-jwt/jwt/commit/0951d184286dece21f73c85673fd308786ffe9c3"
    },
    {
      "type": "WEB",
      "url": "https://github.com/golang-jwt/jwt/commit/bf316c48137a1212f8d0af9288cc9ce8e59f1afb"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/golang-jwt/jwt"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20250404-0002"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "jwt-go allows excessive memory allocation during header parsing"
}

GHSA-QJVC-P88J-J9RM

Vulnerability from github – Published: 2024-10-29 14:44 – Updated: 2024-11-07 19:23

Summary

Kyverno's PolicyException objects can be created in any namespace by default

Details

Summary

A kyverno ClusterPolicy, ie. "disallow-privileged-containers," can be overridden by the creation of a PolicyException in a random namespace.

Details

By design, PolicyExceptions are consumed from any namespace. Administrators may not recognize that this allows users with privileges to non-kyverno namespaces to create exceptions.

PoC

Administrator creates "disallow-privileged-containers" ClusterPolicy that applies to resources in the namespace "ubuntu-restricted"
Cluster user creates a PolicyException object for "disallow-privileged-containers" in namespace "ubuntu-restricted"
Cluster user creates a pod with a privileged container in "ubuntu-restricted"
Cluster user escalates to root on the node from the privileged container

Impact

Administrators attempting to enforce cluster security through kyverno policies, but that allow less privileged users to create resources

Severity

7.5 (High)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

8.7 (High)


                  
                    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/kyverno/kyverno"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.13.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2024-48921"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-285",
      "CWE-863"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-10-29T14:44:36Z",
    "nvd_published_at": "2024-10-29T15:15:10Z",
    "severity": "HIGH"
  },
  "details": "### Summary\nA kyverno ClusterPolicy, ie. \"disallow-privileged-containers,\" can be overridden by the creation of a PolicyException in a random namespace.\n\n### Details\nBy design, PolicyExceptions are consumed from any namespace. Administrators may not recognize that this allows users with privileges to non-kyverno namespaces to create exceptions.\n\n### PoC\n1. Administrator creates \"disallow-privileged-containers\" ClusterPolicy that applies to resources in the namespace \"ubuntu-restricted\"\n2. Cluster user creates a PolicyException object for \"disallow-privileged-containers\" in namespace \"ubuntu-restricted\"\n3. Cluster user creates a pod with a privileged container in \"ubuntu-restricted\" \n4. Cluster user escalates to root on the node from the privileged container\n\n### Impact\nAdministrators attempting to enforce cluster security through kyverno policies, but that allow less privileged users to create resources",
  "id": "GHSA-qjvc-p88j-j9rm",
  "modified": "2024-11-07T19:23:10Z",
  "published": "2024-10-29T14:44:36Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/kyverno/kyverno/security/advisories/GHSA-qjvc-p88j-j9rm"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-48921"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/kyverno/kyverno"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "Kyverno\u0027s PolicyException objects can be created in any namespace by default"
}

GHSA-R5P3-955P-5GGQ

Vulnerability from github – Published: 2025-07-22 14:24 – Updated: 2025-07-23 22:15

Summary

Kyverno's Improper JMESPath Variable Evaluation Lead to Denial of Service

Details

Summary

A Denial of Service (DoS) vulnerability exists in Kyverno due to improper handling of JMESPath variable substitutions. Attackers with permissions to create or update Kyverno policies can craft expressions using the {{@}} variable combined with a pipe and an invalid JMESPath function (e.g., {{@ | non_existent_function }}).

This leads to a nil value being substituted into the policy structure. Subsequent processing by internal functions, specifically getValueAsStringMap, which expect string values, results in a panic due to a type assertion failure (interface {} is nil, not string). This crashes Kyverno worker threads in the admission controller (and can lead to full admission controller unavailability in Enforce mode) and causes continuous crashes of the reports controller pod, leading to service degradation or unavailability."

Details

The vulnerability lies in the getValueAsStringMap function within pkg/engine/wildcards/wildcards.go (specifically around line 138):

func getValueAsStringMap(key string, data interface{}) (string, map[string]string) {
    // ...
    valMap, ok := val.(map[string]interface{}) // val can be the map containing the nil value
    // ...
    for k, v := range valMap { // If valMap contains a key whose value is nil...
        result[k] = v.(string) // PANIC: v.(string) on a nil interface{}
    }
    return patternKey, result
}

When a policy contains a variable like {{@ | foo}} (where foo is not a defined JMESPath function), the JMESPath evaluation within Kyverno's variable substitution logic results in a nil value. This nil is then assigned to the corresponding field in the policy pattern (e.g., a label value).

During policy processing, ExpandInMetadata calls expandWildcardsInTag, which in turn calls getValueAsStringMap. If the data argument to getValueAsStringMap (derived from the policy pattern) contains this nil value where a string is expected, the type assertion v.(string) panics when v is nil.

Proof of Concept (PoC)

This proof of concept consists of two phases. First a malicious policy is inserted with the default validation failure action, which is Audit. In this phase the reports controller will end up in a crash loop. The admission controller will print out a similar stack trace, but only a worker crashes. The admission controller process does not crash.

In the second phase the same policy is inserted with the Enforce validation failure action. In this scenario both admission controller and the reports controller end up in a crash loop. As the admission controller crashes on incoming admission requests, it effectively makes it impossible to deploy new resources.

Tested on Kyverno v1.14.1.

Prerequisites: Kubernetes cluster with Kyverno installed. Attacker has permissions to create/update ClusterPolicy or Policy resources.
Create a Malicious Policy: Apply the following ClusterPolicy:

yaml apiVersion: kyverno.io/v1 kind: ClusterPolicy metadata: name: dos-via-jmespath-nil spec: rules: - name: trigger-nil-panic match: any: - resources: kinds: - Pod validate: message: "DoS attempt via JMESPath nil substitution" pattern: metadata: labels: # '{{@ | non_existent_function}}' will result in a nil value for this label. # This nil value causes a panic in getValueAsStringMap. trigger_panic: "{{@ | non_existent_function}}"
Verify the policy status: Make sure the policy is ready.

bash k get clusterpolicy dos-via-jmespath-nil NAME ADMISSION BACKGROUND READY AGE MESSAGE dos-via-jmespath-nil true true True 24m Ready
Trigger the Policy: Create any Pod in any namespace (if not further restricted by match or exclude):

bash kubectl run test-pod-dos --image=nginx
Observe Crashes:
- Check Kyverno admission controller logs for worker panics (interface conversion: interface {} is nil, not string).
- Check Kyverno reports controller logs; the pod crashes and restarts.
- Stack trace available here (as a secret gist): https://gist.github.com/thevilledev/723392bad36020b82209262275434380
Reset: Delete the existing policy with kubectl delete clusterpolicy dos-via-jmespath-nil and delete the test pod with kubectl delete pod test-pod-dos. Then apply the following:

yaml apiVersion: kyverno.io/v1 kind: ClusterPolicy metadata: name: dos-via-jmespath-nil-enforce spec: validationFailureAction: Enforce # This has changed rules: - name: trigger-nil-panic match: any: - resources: kinds: - Pod validate: message: "DoS attempt via JMESPath nil substitution" pattern: metadata: labels: # '{{@ | non_existent_function}}' will result in a nil value for this label. # This nil value causes a panic in getValueAsStringMap. trigger_panic: "{{@ | non_existent_function}}"

Trigger the Policy (again): Create any Pod in any namespace (if not further restricted by match or exclude):

bash kubectl run test-pod-dos --image=nginx

The command returns the following error:

bash Error from server (InternalError): Internal error occurred: failed calling webhook "validate.kyverno.svc-fail": failed to call webhook: Post "https://kyverno-svc.kyverno.svc:443/validate/fail?timeout=10s": EOF
Observe Crashes:
- Check Kyverno admission controller logs for container panic. Notice that the whole controller has crashed, not just a worker.
- Check Kyverno reports controller logs; the pod crashes and restarts.

Impact

This is a Denial of Service (DoS) vulnerability.

Affected Components:
- Kyverno Admission Controller: In Audit mode, individual worker threads handling admission requests will panic and terminate. While the main pod uses a worker pool and can recover by spawning new workers, repeated exploitation can degrade performance or lead to worker pool exhaustion. In Enforce mode, the whole controller panics. This makes all related admission requests fail.
- Kyverno Reports Controller: The entire controller pod will panic and crash, requiring a restart by Kubernetes. This halts background policy scanning and report generation.
Conditions: An attacker needs permissions to create or update Kyverno Policy or ClusterPolicy resources. This is often a privileged operation but may be delegated in some environments.
Consequences: Degraded policy enforcement, inability to create/update resources, and loss of policy reporting visibility.

Mitigation

Add robust nil handling in getValueAsStringMap.
Look into adding graceful error handling in JMESPath substitution. Prevent evaluation errors (like undefined functions) from resulting in nil values.

Severity

7.7 (High)


                  
                    CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 1.14.1"
      },
      "package": {
        "ecosystem": "Go",
        "name": "github.com/kyverno/kyverno"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.14.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-47281"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20",
      "CWE-248"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-07-22T14:24:19Z",
    "nvd_published_at": "2025-07-23T21:15:26Z",
    "severity": "HIGH"
  },
  "details": "### Summary\nA Denial of Service (DoS) vulnerability exists in Kyverno due to improper handling of JMESPath variable substitutions. Attackers with permissions to create or update Kyverno policies can craft expressions using the `{{@}}` variable combined with a pipe and an invalid JMESPath function (e.g., `{{@ | non_existent_function }}`).\n\nThis leads to a `nil` value being substituted into the policy structure. Subsequent processing by internal functions, specifically `getValueAsStringMap`, which expect string values, results in a panic due to a type assertion failure (`interface {} is nil, not string`). This crashes Kyverno worker threads in the admission controller (and can lead to full admission controller unavailability in Enforce mode) and causes continuous crashes of the reports controller pod, leading to service degradation or unavailability.\"\n\n### Details\nThe vulnerability lies in the `getValueAsStringMap` function within `pkg/engine/wildcards/wildcards.go` (specifically around line 138):\n\n```go\nfunc getValueAsStringMap(key string, data interface{}) (string, map[string]string) {\n    // ...\n    valMap, ok := val.(map[string]interface{}) // val can be the map containing the nil value\n    // ...\n    for k, v := range valMap { // If valMap contains a key whose value is nil...\n        result[k] = v.(string) // PANIC: v.(string) on a nil interface{}\n    }\n    return patternKey, result\n}\n```\n\nWhen a policy contains a variable like `{{@ | foo}}` (where `foo` is not a defined JMESPath function), the JMESPath evaluation within Kyverno\u0027s variable substitution logic results in a `nil` value. This `nil` is then assigned to the corresponding field in the policy pattern (e.g., a label value).\n\nDuring policy processing, `ExpandInMetadata` calls `expandWildcardsInTag`, which in turn calls `getValueAsStringMap`. If the `data` argument to `getValueAsStringMap` (derived from the policy pattern) contains this `nil` value where a string is expected, the type assertion `v.(string)` panics when `v` is `nil`.\n\n### Proof of Concept (PoC)\n\nThis proof of concept consists of two phases. First a malicious policy is inserted with the default validation failure action, which is `Audit`. In this phase the reports controller will end up in a crash loop. The admission controller will print out a similar stack trace, but only a worker crashes. The admission controller process does not crash.\n\nIn the second phase the same policy is inserted with the `Enforce` validation failure action. In this scenario both admission controller and the reports controller end up in a crash loop. As the admission controller crashes on incoming admission requests, it effectively makes it impossible to deploy new resources.\n\nTested on Kyverno v1.14.1.\n\n1.  **Prerequisites**:\n    Kubernetes cluster with Kyverno installed. Attacker has permissions to create/update `ClusterPolicy` or `Policy` resources.\n\n2.  **Create a Malicious Policy**:\n    Apply the following `ClusterPolicy`:\n\n    ```yaml\n    apiVersion: kyverno.io/v1\n    kind: ClusterPolicy\n    metadata:\n        name: dos-via-jmespath-nil\n    spec:\n        rules:\n        - name: trigger-nil-panic\n          match:\n            any:\n            - resources:\n                kinds:\n                - Pod\n          validate:\n              message: \"DoS attempt via JMESPath nil substitution\"\n              pattern:\n                metadata:\n                  labels:\n                    # \u0027{{@ | non_existent_function}}\u0027 will result in a nil value for this label.\n                    # This nil value causes a panic in getValueAsStringMap.\n                    trigger_panic: \"{{@ | non_existent_function}}\"\n    ```\n\n3.  **Verify the policy status**:\n    Make sure the policy is ready.\n\n    ```bash\n    k get clusterpolicy dos-via-jmespath-nil\n    NAME                   ADMISSION   BACKGROUND   READY   AGE   MESSAGE\n    dos-via-jmespath-nil   true        true         True    24m   Ready\n    ```\n\n3.  **Trigger the Policy**:\n    Create any Pod in any namespace (if not further restricted by `match` or `exclude`):\n\n    ```bash\n    kubectl run test-pod-dos --image=nginx\n    ```\n\n4.  **Observe Crashes**:\n    *   Check Kyverno admission controller logs for worker panics (`interface conversion: interface {} is nil, not string`).\n    *   Check Kyverno reports controller logs; the pod crashes and restarts.\n    *   Stack trace available here (as a secret gist): https://gist.github.com/thevilledev/723392bad36020b82209262275434380\n\n5. **Reset**:\n   Delete the existing policy with `kubectl delete clusterpolicy dos-via-jmespath-nil` and delete\n   the test pod with `kubectl delete pod test-pod-dos`. Then apply the following:\n\n   ```yaml\n    apiVersion: kyverno.io/v1\n    kind: ClusterPolicy\n    metadata:\n        name: dos-via-jmespath-nil-enforce\n    spec:\n        validationFailureAction: Enforce # This has changed\n        rules:\n        - name: trigger-nil-panic\n          match:\n            any:\n            - resources:\n                kinds:\n                - Pod\n          validate:\n              message: \"DoS attempt via JMESPath nil substitution\"\n              pattern:\n                metadata:\n                  labels:\n                    # \u0027{{@ | non_existent_function}}\u0027 will result in a nil value for this label.\n                    # This nil value causes a panic in getValueAsStringMap.\n                    trigger_panic: \"{{@ | non_existent_function}}\"\n   ```\n\n6.  **Trigger the Policy (again)**:\n    Create any Pod in any namespace (if not further restricted by `match` or `exclude`):\n\n    ```bash\n    kubectl run test-pod-dos --image=nginx\n    ```\n\n    The command returns the following error:\n\n    ```bash\n    Error from server (InternalError): Internal error occurred: failed calling webhook \"validate.kyverno.svc-fail\": failed to call webhook: Post \"https://kyverno-svc.kyverno.svc:443/validate/fail?timeout=10s\": EOF\n    ```\n\n7.  **Observe Crashes**:\n    *   Check Kyverno admission controller logs for container panic. Notice that the whole controller has crashed, not just a worker.\n    *   Check Kyverno reports controller logs; the pod crashes and restarts.\n\n### Impact\n\nThis is a Denial of Service (DoS) vulnerability.\n\n*   **Affected Components**:\n    *   **Kyverno Admission Controller**: In Audit mode, individual worker threads handling admission requests will panic and terminate. While the main pod uses a worker pool and can recover by spawning new workers, repeated exploitation can degrade performance or lead to worker pool exhaustion. In Enforce mode, the whole controller panics. This makes all related admission requests fail.\n    *   **Kyverno Reports Controller**: The entire controller pod will panic and crash, requiring a restart by Kubernetes. This halts background policy scanning and report generation.\n\n*   **Conditions**: An attacker needs permissions to create or update Kyverno `Policy` or `ClusterPolicy` resources. This is often a privileged operation but may be delegated in some environments.\n*   **Consequences**: Degraded policy enforcement, inability to create/update resources, and loss of policy reporting visibility. \n\n### Mitigation\n\n- Add robust `nil` handling in `getValueAsStringMap`.\n- Look into adding graceful error handling in JMESPath substitution. Prevent evaluation errors (like undefined functions) from resulting in `nil` values.",
  "id": "GHSA-r5p3-955p-5ggq",
  "modified": "2025-07-23T22:15:03Z",
  "published": "2025-07-22T14:24:19Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/kyverno/kyverno/security/advisories/GHSA-r5p3-955p-5ggq"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47281"
    },
    {
      "type": "WEB",
      "url": "https://github.com/kyverno/kyverno/commit/cbd7d4ca24de1c55396fc3295e9fc3215832be7c"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/kyverno/kyverno"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Kyverno\u0027s Improper JMESPath Variable Evaluation Lead to Denial of Service"
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

Vulnerability from cleanstart

Impact

Patches

Workarounds

References

Summary

Details

PoC

Impact

Summary

Details

Correction Proposal

PoC

Impact

Summary

Details

Impact

Summary

Details

PoC

Impact

Summary

Details

Proof of Concept (PoC)

Impact

Mitigation

Tags

Sightings

Nomenclature