Posts in 2023

  • Kyverno and SLSA 3

    Wednesday, February 01, 2023 in General

    With the release of Kyverno 1.9, Kyverno has begun generating and attesting to the provenance of its release artifacts in the SLSA standard and provisionally meet Level 3. This blog post attempts to explain a bit about SLSA and Level 3 and how we …

    Read more

Posts in 2022

  • Kyverno CVE-2022-47633 affecting image verification

    Thursday, December 29, 2022 in General

    Summary Kyverno versions 1.8.3 and 1.8.4 contained a regression (CVE-2022-47633) which allowed a malicious proxy to facilitate a man-in-the-middle (MiTM) attack allowing an unsigned image to run in a Kubernetes cluster even if there was a Kyverno …

    Read more

  • New Kyverno Blog

    Friday, July 08, 2022 in General

    Welcome to the new Kyverno blog! As you can see, we now have a brand new and shiny blog page thanks to the folks behind the Docsy theme which the Kyverno website uses (in addition to others in the cloud native ecosystem). Subscribe to the handy RSS …

    Read more