{"id":"GO-2022-1180","summary":"Verification rule bypass in github.com/kyverno/kyverno","details":"A malicious proxy/registry can bypass verifyImages rules.","aliases":["BIT-kyverno-2022-47633","CVE-2022-47633","GHSA-m3cq-xcx9-3gvm"],"modified":"2026-03-17T04:29:17.033397Z","published":"2022-12-27T18:24:54Z","database_specific":{"review_status":"REVIEWED","url":"https://pkg.go.dev/vuln/GO-2022-1180"},"references":[{"type":"ADVISORY","url":"https://github.com/kyverno/kyverno/security/advisories/GHSA-m3cq-xcx9-3gvm"},{"type":"FIX","url":"https://github.com/kyverno/kyverno/pull/5713"}],"affected":[{"package":{"name":"github.com/kyverno/kyverno","ecosystem":"Go","purl":"pkg:golang/github.com/kyverno/kyverno"},"ranges":[{"type":"SEMVER","events":[{"introduced":"1.8.3"},{"fixed":"1.8.5"}]}],"ecosystem_specific":{"imports":[{"symbols":["imageVerifier.verifyAttestation","imageVerifier.verifyAttestations","imageVerifier.verifyAttestorSet","imageVerifier.verifyAttestors","imageVerifier.verifyImage"],"path":"github.com/kyverno/kyverno/pkg/engine"}]},"database_specific":{"source":"https://vuln.go.dev/ID/GO-2022-1180.json"}}],"schema_version":"1.7.5","credits":[{"name":"@slashben"}]}