/
DirectorySecurity AdvisoriesPricing
Sign in
Security Advisories

CGA-wjx2-r949-8x6w

Published

Last updated

https://images.chainguard.dev/security/CGA-wjx2-r949-8x6w
Package

kyverno-1.8

Repository

Chainguard

Latest Update
Fix not planned
Aliases
  • GHSA-m425-mq94-257g

Severity

Unknown

References

  • https://github.com/advisories/GHSA-m425-mq94-257g

Updates

Status

Fix not planned

Impact

Bumping the affected version of grpc is not possible at this pinned version of Kyverno (1.8.x). Upgrading the grpc package to version 1.56.3 causes unresolvable conflicts between Kyverno, OpenTelemetry and etcd. Upgrade to a more recent version of Kyverno to resolve this vulnerability.

Status

Affected

Impact

govulncheck confirms the affect symbol is present.


Safe Source for Open Sourceâ„¢
Contact us
© 2025 Chainguard. All Rights Reserved.
Private PolicyTerms of Use

Product

Chainguard ContainersChainguard LibrariesChainguard VMsIntegrationsPricing