How severe is CVE-2025-29778?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.8 out of 10.

What type of vulnerability is CVE-2025-29778?

This is classified as CWE-285, which is a common weakness in software security.

CVE-2025-29778 - MEDIUM Severity | CVSS 5.8

Vulnerability Description

Kyverno is a policy engine designed for cloud native platform engineering teams. Prior to version 1.14.0-alpha.1, Kyverno ignores subjectRegExp and IssuerRegExp while verifying artifact's sign with keyless mode. It allows the attacker to deploy kubernetes resources with the artifacts that were signed by unexpected certificate. Deploying these unauthorized kubernetes resources can lead to full compromise of kubernetes cluster. Version 1.14.0-alpha.1 contains a patch for the issue.

Related Vulnerabilities

CVE-2018-20945

MEDIUM

CVSS:5.7(Medium)

bin/csvprocess in cPanel before 68.0.27 allows insecure file operations (SEC-354).

CWE-2852018

CVE-2021-25507

MEDIUM

CVSS:5.7(Medium)

Improper authorization vulnerability in Samsung Flow mobile application prior to 4.8.03.5 allows Samsung Flow PC application connected with user device to access part of notification data in Secure Fo...

CWE-2852021

CVE-2022-2393

MEDIUM

CVSS:5.7(Medium)

A flaw was found in pki-core, which could allow a user to get a certificate for another user identity when directory-based authentication is enabled. This flaw allows an authenticated attacker on the ...

CWE-2852022

CVE-2019-18827

MEDIUM

CVSS:5.9(Medium)

On Barco ClickShare Button R9861500D01 devices (before firmware version 1.9.0) JTAG access is disabled after ROM code execution. This means that JTAG access is possible when the system is running code...

CWE-2852019

CVE-2020-3150

MEDIUM

CVSS:5.9(Medium)

A vulnerability in the web-based management interface of Cisco Small Business RV110W and RV215W Series Routers could allow an unauthenticated, remote attacker to download sensitive information from th...

CWE-2852020

CVE-2024-12483

MEDIUM

CVSS:5.9(Medium)

A vulnerability classified as problematic has been found in Dromara UJCMS up to 9.6.3. This affects an unknown part of the file /users/id of the component User ID Handler. The manipulation leads to au...

CWE-2852024