VDB
BIT-kyverno-2025-29778
BIT-kyverno-2025-29778
PUBLISHED
CVSS 8 HIGH
Kyverno ignores subjectRegExp and IssuerRegExp
Risk Scores
CVSS 3.1
8
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bitnami | kyverno | 0, 0, 0 |
| Bitnami | kyverno |
Timeline
- Sep 12, 2025 CVE Published
- Jan 8, 2026 CVE Updated
References
- https://github.com/Mohdcode/kyverno/blob/373f942ea9fa8b63140d0eb0e101b9a5f71033f3/pkg/cosign/cosign.go#L537 url
- https://github.com/kyverno/kyverno/commit/8777672fb17bdf252bd2e7d8de3441e240404a60 url
- https://github.com/kyverno/kyverno/pull/12237 url
- https://github.com/kyverno/kyverno/security/advisories/GHSA-46mp-8w32-6g94 url
- https://github.com/kyverno/policies/issues/1246 url
- https://nvd.nist.gov/vuln/detail/CVE-2025-29778 url