4.3

CVE-2026-29773

kubewarden-controller cross-namespace data exfiltration via deprecated host callback binding

Kubewarden is a policy engine for Kubernetes. Kubewarden cluster operators can grant permissions to users to deploy namespaced AdmissionPolicies and AdmissionPolicyGroups in their Namespaces. One of Kubewarden promises is that configured users can deploy namespaced policies in a safe manner, without privilege escalation. An attacker with privileged "AdmissionPolicy" create permissions (which isn't the default) could make use of 3 deprecated host-callback APIs: kubernetes/ingresses, kubernetes/namespaces, kubernetes/services. The attacker can craft a policy that exercises these deprecated API calls and would allow them read access to Ingresses, Namespaces, and Services resources respectively. 
This attack is read-only, there is no write capability and no access to Secrets, ConfigMaps, or other resource types beyond these three.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxfoundationKubewarden SwPlatformkubernetes Version >= 1.6.0 < 1.33.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.19% 0.081
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
security-advisories@github.com 4.3 2.8 1.4
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CWE-863 Incorrect Authorization

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.

https://github.com/kubewarden/kubewarden-controller/security/advisories/GHSA-6r7f-3fwq-hq74
Vendor Advisory
Mitigation
https://github.com/kubewarden/kubewarden-controller/pull/1519
Patch
Issue Tracking
https://github.com/kubewarden/kubewarden-controller/commit/4e41b60ae44902d82d94101bac93fb77cae65651
Patch