CGA-wjx2-r949-8x6w

Published

Last updated

https://images.chainguard.dev/security/CGA-wjx2-r949-8x6w

Package

kyverno-1.8

Repository

Chainguard

Latest Update

Fix not planned

Aliases

GHSA-m425-mq94-257g

Severity

Unknown

References

https://github.com/advisories/GHSA-m425-mq94-257g

Updates

Status

Fix not planned

Impact

Bumping the affected version of grpc is not possible at this pinned version of Kyverno (1.8.x). Upgrading the grpc package to version 1.56.3 causes unresolvable conflicts between Kyverno, OpenTelemetry and etcd. Upgrade to a more recent version of Kyverno to resolve this vulnerability.

Status

Affected

Impact

govulncheck confirms the affect symbol is present.

Advisories are based on vulnerability information provided by Grype from Anchore. Learn how Chainguard creates security advisories.

Safe Source for Open Source™

Private Policy

Product

Chainguard Containers Chainguard Libraries Chainguard VMs Integrations Pricing

Solutions

FedRAMP PCI DSS Golden Images CVE Remediation Public Sector

Customers

Customer Stories Chainguard Reviews

Resources

Events & Webinars Chainguard Courses Documentation Trust Center

Company

About Us Blog Partners Newsroom Careers Legal