Kyverno · Kyverno · CVE-2022-47633
**Name of the Vulnerable Software and Affected Versions**
Kyverno versions 1.8.3 through 1.8.4
**Description**
An image signature validation bypass issue allows a malicious image registry or a man-in-the-middle attacker to inject unsigned arbitrary container images into a protected Kubernetes cluster. This affects users of Kyverno who use `verifyImages` rules to verify container image signatures and do not prevent the use of unknown registries.
**Recommendations**
For Kyverno versions 1.8.3 and 1.8.4, update to version 1.8.5 to resolve the issue.
As a temporary workaround, consider configuring a Kyverno policy to restrict registries to a set of secure trusted image registries.
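
A sketch of the workaround as a Kyverno `ClusterPolicy`, added here as an example and not taken from the advisory or the Kyverno project. The policy name, rule name and `registry.example.com` are placeholders; replace the image pattern with the registries you actually trust.

```yaml
# Added example: reject Pods whose images come from any registry
# other than the trusted one(s) listed in the pattern.
apiVersion: kyverno.io/v1
kind: ClusterPolicy
metadata:
  name: restrict-image-registries      # placeholder name
spec:
  # Lowercase value, as written in Kyverno 1.8.x policies.
  # "audit" would only report violations, which does not block the pull.
  validationFailureAction: enforce
  background: true
  rules:
    - name: validate-registries        # placeholder name
      match:
        any:
          - resources:
              kinds:
                - Pod
      validate:
        message: "Images must come from registry.example.com."
        pattern:
          spec:
            # =( ) applies the check only when the field is present,
            # so Pods without init or ephemeral containers still pass.
            =(ephemeralContainers):
              - image: "registry.example.com/*"
            =(initContainers):
              - image: "registry.example.com/*"
            # Every regular container must match. Several trusted
            # registries can be joined with "|", for example
            # "registry.example.com/* | mirror.example.com/*".
            containers:
              - image: "registry.example.com/*"
```

Image references without a registry prefix do not match the pattern and are rejected as well. The rule matches Pods; with Kyverno's rule auto-generation left at its default, workload controllers that create Pods are covered too.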