VYPR

Go modules package

github.com/kubewarden/kubewarden-controller

pkg:golang/github.com/kubewarden/kubewarden-controller

Vulnerabilities (4)

  • CVE-2026-42541MedMay 12, 2026
    affected < 1.35.0fixed 1.35.0

    Kubewarden is a policy engine for Kubernetes. Prior to , An attacker with privileged AdmissionPolicy or AdmissionPolicyGroup create permissions (which isn't the default) can craft a policy that makes use of the can_i host callback. The callback issues a SubjectAccessReview (SAR)

  • CVE-2026-29773MedMar 10, 2026
    affected < 1.33.0fixed 1.33.0

    Kubewarden is a policy engine for Kubernetes. Kubewarden cluster operators can grant permissions to users to deploy namespaced AdmissionPolicies and AdmissionPolicyGroups in their Namespaces. One of Kubewarden promises is that configured users can deploy namespaced policies in a

  • CVE-2025-24784MedJan 30, 2025
    affected >= 1.17.0, < 1.21.0fixed 1.21.0

    kubewarden-controller is a Kubernetes controller that allows you to dynamically register Kubewarden admission policies. The policy group feature, added to by the 1.17.0 release. By being namespaced, the AdmissionPolicyGroup has a well constrained impact on cluster resources. Henc

  • CVE-2025-24376MedJan 30, 2025
    affected >= 1.7.0, < 1.21.0fixed 1.21.0

    kubewarden-controller is a Kubernetes controller that allows you to dynamically register Kubewarden admission policies. By design, AdmissionPolicy and AdmissionPolicyGroup can evaluate only namespaced resources. The resources to be evaluated are determined by the rules provided b