GHSA-f9g8-6ppc-pqq4: Kyverno: ServiceAccount token leaked to external servers via apiCall service URL

April 16, 2026

Kyverno’s apiCall feature in ClusterPolicy automatically attaches the admission controller’s ServiceAccount token to outgoing HTTP requests. The service URL has no validation — it can point anywhere, including attacker-controlled servers. Since the admission controller SA has permissions to patch webhook configurations, a stolen token leads to full cluster compromise.

References

github.com/advisories/GHSA-f9g8-6ppc-pqq4
github.com/kyverno/kyverno
github.com/kyverno/kyverno/security/advisories/GHSA-f9g8-6ppc-pqq4

Code Behaviors & Features

Detect and mitigate GHSA-f9g8-6ppc-pqq4 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →