GHSA-459X-Q9HG-4GPQ — Vulnetix

GHSA-459X-Q9HG-4GPQ PUBLISHED CVSS 9.300000190734863 CRITICAL

Kyverno vulnerable to SSRF via Service Calls

Risk Scores

CVSS v4.0

9.300000190734863

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:L/SA:N

Affected Products

Vendor	Product	Versions
github.com	kyverno/kyverno	0
github.com	kyverno/kyverno	0, 0, 0
Go	github.com/kyverno/kyverno	0

Timeline

Apr 15, 2025 CVE Published
Oct 31, 2025 CVE Updated

References

https://github.com/kyverno/kyverno/security/advisories/GHSA-459x-q9hg-4gpq url
https://github.com/kyverno/kyverno product
https://pkg.go.dev/vuln/GO-2025-3615 url
GitHub Advisory GHSA-459x-q9hg-4gpq vendor-advisory

Open in Interactive Console →

$ Console Community · 100/wk Open console ›