- Description
- Kyverno is a policy engine designed for cloud native platform engineering teams. Prior to versions 1.13.5 and 1.14.0, it may happen that policy rules using namespace selector(s) in their match statements are mistakenly not applied during admission review request processing due to a missing error propagation in function `GetNamespaceSelectorsFromNamespaceLister` in `pkg/utils/engine/labels.go`. As a consequence, security-critical mutations and validations are bypassed, potentially allowing attackers with K8s API access to perform malicious operations. This issue has been patched in versions 1.13.5 and 1.14.0.
- Source
- security-advisories@github.com
- NVD status
- Analyzed
CVSS 3.1
- Type
- Primary
- Base score
- 8.2
- Impact score
- 5.8
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:H/A:H
- Severity
- HIGH
- security-advisories@github.com
- CWE-1287
- nvd@nist.gov
- NVD-CWE-noinfo
- Hype score
- Not currently trending
🚨 CVE-2025-46342 🔴 HIGH (8.6) 🏢 kyverno - kyverno 🏗️ < 1.13.5 🔗 https://t.co/FDFZac8O0U 🔗 https://t.co/C7ppKUVYjS #CyberCron #VulnAlert #InfoSec https://t.co/FBIjpqLFoX
@cybercronai
2 May 2025
20 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-46342 Kyverno Namespace Selector Bypass Vulnerability in Policy Engine Versions Prior to 1.14.0 https://t.co/mhcYs2a45k
@VulmonFeeds
30 Apr 2025
8 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-46342 Kyverno is a policy engine designed for cloud native platform engineering teams. Prior to versions 1.13.5 and 1.14.0, it may happen that policy rules using namespace … https://t.co/HJ7sY7hveT
@CVEnew
30 Apr 2025
309 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[CVE-2025-46342: HIGH] Kyverno, a policy engine for cloud-native platforms, had a security vulnerability in versions prior to 1.13.5 and 1.14.0. Attackers with K8s API access could bypass critical security m...#cve,CVE-2025-46342,#cybersecurity https://t.co/MqYaXtIauC https://t.c
@CveFindCom
30 Apr 2025
31 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:kyverno:kyverno:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "15691918-C220-4933-95D2-6BF2BFBBA7E3",
"versionEndIncluding": "1.11.5"
},
{
"criteria": "cpe:2.3:a:kyverno:kyverno:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3C44B650-9836-486D-B929-58CD724E9792",
"versionEndExcluding": "1.13.5",
"versionStartIncluding": "1.12.0"
}
],
"operator": "OR"
}
]
}
]