Kyverno · Kyverno · CVE-2026-41068
**Name of the Vulnerable Software and Affected Versions**
Kyverno versions prior to 1.17.2
**Description**
A flaw in the ConfigMap context loader allows for cross-namespace privilege escalation. The `configMap.namespace` field lacks validation, enabling a namespace administrator to read ConfigMaps from any namespace by leveraging Kyverno's privileged service account. This results in a complete Role-Based Access Control (RBAC) bypass in multi-tenant Kubernetes clusters.
**Recommendations**
Update to version 1.17.2.
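As an added example (not Kyverno project code), the script below audits namespaced `Policy` objects for ConfigMap context entries whose `configMap.namespace` differs from the policy's own namespace, which is the pattern the description above concerns. It assumes input shaped like `kubectl get policies.kyverno.io -A -o json` with context entries under `spec.rules[].context[]`; the sample policies and the `classify` and `audit` helper names are constructed for illustration.

```python
def _sample(kind, ns, name, cm_ns):
    """Build one constructed policy object in the shape kubectl returns."""
    ctx = [{"name": "cfg", "configMap": {"name": "settings", "namespace": cm_ns}}]
    return {"kind": kind, "metadata": {"name": name, "namespace": ns},
            "spec": {"rules": [{"name": "r1", "context": ctx}]}}


# Constructed sample data, not taken from a real cluster.
SAMPLE = {"items": [
    _sample("Policy", "tenant-a", "read-own", "tenant-a"),
    _sample("Policy", "tenant-a", "read-other", "tenant-b"),
    _sample("Policy", "tenant-b", "templated", "{{ request.object.metadata.labels.team }}"),
    _sample("ClusterPolicy", "", "global", "kyverno"),
]}


def classify(policy_ns, target_ns):
    """Compare a context entry's configMap.namespace with the policy's namespace."""
    if target_ns == policy_ns:
        return None               # same namespace: inside the tenant's own scope
    if not target_ns or "{{" in target_ns:
        return "review"           # omitted or templated: cannot be decided statically
    return "cross-namespace"


def audit(policy_list):
    """Return (namespace, policy, rule, context, target namespace, verdict) tuples."""
    findings = []
    for pol in policy_list.get("items", []):
        # Assumption: only namespaced Policy objects are tenant-authored.
        if pol.get("kind") != "Policy":
            continue
        meta = pol.get("metadata", {})
        for rule in pol.get("spec", {}).get("rules") or []:
            for ctx in rule.get("context") or []:
                cm = ctx.get("configMap")
                if not isinstance(cm, dict):
                    continue
                verdict = classify(meta.get("namespace", ""), cm.get("namespace", ""))
                if verdict:
                    findings.append((meta.get("namespace"), meta.get("name"),
                                     rule.get("name"), ctx.get("name"),
                                     cm.get("namespace"), verdict))
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(*finding, sep="\t")
```

To run it against a cluster, replace `SAMPLE` with the parsed JSON from the `kubectl` command; entries marked `review` need a manual look because their target namespace is only known at admission time.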