github.com/kubewarden/kubewarden-controller

Go4 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting github.com/kubewarden/kubewarden-controllerpage 1 of 1

CVE-2025-24376MEDIUMCVSS 6.5EG 6.5✓ Fixed in 1.21.0
2025-01-30
kubewarden-controller is a Kubernetes controller that allows you to dynamically register Kubewarden admission policies. By design, AdmissionPolicy and AdmissionPolicyGroup can evaluate only namespaced resources. The resources to be evaluat…
CVE-2025-24784MEDIUMCVSS 4.3EG 4.3✓ Fixed in 1.21.0
2025-01-30
kubewarden-controller is a Kubernetes controller that allows you to dynamically register Kubewarden admission policies. The policy group feature, added to by the 1.17.0 release. By being namespaced, the AdmissionPolicyGroup has a well cons…
CVE-2026-29773MEDIUMCVSS 4.3EG 4.3✓ Fixed in 1.33.0
2026-03-10
Kubewarden is a policy engine for Kubernetes. Kubewarden cluster operators can grant permissions to users to deploy namespaced AdmissionPolicies and AdmissionPolicyGroups in their Namespaces. One of Kubewarden promises is that configured u…
CVE-2026-42541MEDIUMCVSS 4.3EG 4.3✓ Fixed in 1.35.0
2026-05-12
Kubewarden is a policy engine for Kubernetes. Prior to , An attacker with privileged AdmissionPolicy or AdmissionPolicyGroup create permissions (which isn't the default) can craft a policy that makes use of the can_i host callback. The cal…

Check whether github.com/kubewarden/kubewarden-controller is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for github.com/kubewarden/kubewarden-controller CVEs against the assets you own.

Start Free Scan →