GMS-2022-8623: Bypass of verifyImages rule possible with malicious proxy/registry
Users of Kyverno on versions 1.8.3 or 1.8.4 who use verifyImages
rules to verify container image signatures, and do not prevent use of unknown registries.
References
Detect and mitigate GMS-2022-8623 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →