PT-2023-28603 · Kyverno · Kyverno

Adamkorcz · Published 2023-11-13 · Updated 2024-08-21 · CVE-2023-42816

CVSS v3.1: 6.1 (Medium)

Vector: AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions

Kyverno versions 1.11.0 and later, built from the main branch.

Description

A security issue was found in Kyverno, a policy engine for Kubernetes, that lets an attacker cause a denial of service. The issue lies in Kyverno's Notary verifier, the component that fetches and checks Notary signatures for images referenced by workloads under a verifyImages rule. An attacker who controls the registry from which Kyverno fetches those signatures can return a malicious response to the verifier. Because Kyverno evaluates policies inside the Kubernetes admission path, the resulting denial of service blocks admission requests from other users of the cluster, not only the request that triggered the lookup. Consistent with the UI:R in the vector, someone in the cluster must first submit a workload referencing an image for which Kyverno will query the attacker's registry. There are no known cases of this issue being exploited.

Recommendations

For Kyverno versions 1.11.0 and later built from the main branch, consider avoiding the use of the Notary verifier until a fix is available: only verifyImages rules whose attestors include a Notary entry exercise the affected code, and rules that use other attestor types are not affected by the issue as described. At the moment, there is no information about a newer version that contains a fix for this vulnerability; check the related identifiers below (the GitHub advisory and the Go vulnerability database entry) for an updated affected-version range before upgrading.
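The recommendation above depends on knowing which policies actually use the Notary verifier. The following is an added example, not code from the advisory or from the Kyverno project, that scans the JSON output of `kubectl get clusterpolicies -o json` for verifyImages rules whose attestor tree contains a Notary entry. It assumes the Kyverno policy schema in which a Notary attestor is expressed as a `notary` key inside an attestor `entries` item (including attestors nested under `attestations`), and the sample policy list embedded below is constructed for the example, with placeholder strings in place of real certificates and keys.

```python
"""Find Kyverno verifyImages rules that rely on the Notary attestor.

Added example, not Kyverno project code. Input is the structure returned by
`kubectl get clusterpolicies -o json` (a List whose items are ClusterPolicy
objects); the same scan works for namespaced Policy objects.
"""
import json

# Constructed sample: three ClusterPolicies, two of which use a Notary attestor
# (one directly, one nested under an attestation), and one that uses cosign keys.
SAMPLE_POLICY_LIST = json.loads("""
{
  "apiVersion": "v1",
  "kind": "List",
  "items": [
    {"apiVersion": "kyverno.io/v1", "kind": "ClusterPolicy",
     "metadata": {"name": "verify-with-notary"},
     "spec": {"rules": [{"name": "check-notary", "match": {"any": [{"resources": {"kinds": ["Pod"]}}]},
       "verifyImages": [{"imageReferences": ["ghcr.io/example/*"],
         "attestors": [{"entries": [{"notary": {"certs": "CONSTRUCTED-PEM-PLACEHOLDER"}}]}]}]}]}},
    {"apiVersion": "kyverno.io/v1", "kind": "ClusterPolicy",
     "metadata": {"name": "verify-with-cosign"},
     "spec": {"rules": [{"name": "check-cosign", "match": {"any": [{"resources": {"kinds": ["Pod"]}}]},
       "verifyImages": [{"imageReferences": ["ghcr.io/example/*"],
         "attestors": [{"entries": [{"keys": {"publicKeys": "CONSTRUCTED-KEY-PLACEHOLDER"}}]}]}]}]}},
    {"apiVersion": "kyverno.io/v1", "kind": "ClusterPolicy",
     "metadata": {"name": "verify-attestations-notary"},
     "spec": {"rules": [{"name": "check-sbom", "match": {"any": [{"resources": {"kinds": ["Pod"]}}]},
       "verifyImages": [{"imageReferences": ["registry.example.internal/*"],
         "attestations": [{"type": "https://cyclonedx.org/bom",
           "attestors": [{"entries": [{"notary": {"certs": "CONSTRUCTED-PEM-PLACEHOLDER"}}]}]}]}]}]}}
  ]
}
""")


def _mappings(node):
    """Yield every dict reachable from node, depth first (lists and dicts recursed)."""
    if isinstance(node, dict):
        yield node
        for value in node.values():
            yield from _mappings(value)
    elif isinstance(node, list):
        for value in node:
            yield from _mappings(value)


def uses_notary(verify_images_entry):
    """True if any attestor entry anywhere under this verifyImages item is a Notary entry.

    Walking the whole item (rather than only the top-level attestors list) also catches
    attestors declared under `attestations[].attestors`, which Kyverno evaluates with
    the same verifier.
    """
    return any("notary" in mapping for mapping in _mappings(verify_images_entry))


def find_notary_rules(policy_list):
    """Return [(policy name, rule name, image references)] for every Notary-backed rule."""
    hits = []
    for policy in policy_list.get("items", []):
        name = policy.get("metadata", {}).get("name", "<unnamed>")
        for rule in policy.get("spec", {}).get("rules", []):
            for entry in rule.get("verifyImages", []) or []:
                if uses_notary(entry):
                    hits.append((name, rule.get("name", "<unnamed>"), list(entry.get("imageReferences", []))))
    return hits


def report(policy_list):
    """Human-readable summary; returns the number of affected rules."""
    hits = find_notary_rules(policy_list)
    for policy, rule, refs in hits:
        print(f"{policy}/{rule}: Notary attestor for {', '.join(refs)}")
    print(f"{len(hits)} rule(s) use the Notary verifier")
    return len(hits)


if __name__ == "__main__":
    report(SAMPLE_POLICY_LIST)
```

To run it against a live cluster, replace `SAMPLE_POLICY_LIST` with `json.load(sys.stdin)` and pipe in `kubectl get clusterpolicies,policies -A -o json`. Any rule it lists is one where the registry named by the matching image reference can reach the affected verifier, which is the set of rules the recommendation asks you to reconsider.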

Exploit

None known; see Description.

Weakness Enumeration

Insufficient Verification of Data Authenticity (CWE-345)

Related Identifiers

CVE-2023-42816
GHSA-4MP4-46GQ-HV3R
GO-2023-2338

Affected Products

Kyverno