Detections
Analytics
SCA: security update for github.com/kubewarden/kubewarden-controller (GHSA-6r7f-3fwq-hq74)
medium Tenable Cloud Security Plugin ID 438501
Description
There are packages installed that are affected by a vulnerability referenced in the following CVE:- Kubewarden is a policy engine for Kubernetes. Kubewarden cluster operators can grant permissions to users
to deploy namespaced AdmissionPolicies and AdmissionPolicyGroups in their Namespaces. One of Kubewarden
promises is that configured users can deploy namespaced policies in a safe manner, without privilege
escalation. An attacker with privileged "AdmissionPolicy" create permissions (which isn't the default)
could make use of 3 deprecated host-callback APIs: kubernetes/ingresses, kubernetes/namespaces,
kubernetes/services. The attacker can craft a policy that exercises these deprecated API calls and would
allow them read access to Ingresses, Namespaces, and Services resources respectively. This attack is read-
only, there is no write capability and no access to Secrets, ConfigMaps, or other resource types beyond
these three. (CVE-2026-29773)
Solution
Update the github.com/kubewarden/kubewarden-controller library and its related packages to version 1.33.0 or later.See Also
Plugin Details
Severity: Medium
ID: 438501
Version: Revision 1.10
Type: Local
Family: SCA Checks
Published: 3/9/2026
Updated: 6/29/2026
Supported Sensors: Tenable Cloud Security, Tenable Self-Hosted Container Security
Risk Information
VPR
Risk Factor: Low
Score: 1.4
Vendor
Vendor Severity: Medium
CVSS v2
Risk Factor: Medium
Base Score: 4
Temporal Score: 3
Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:N/A:N
CVSS Score Source: CVE-2026-29773
CVSS v3
Risk Factor: Medium
Base Score: 4.3
Temporal Score: 3.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
Vulnerability Information
Exploit Ease: No known exploits are available
Patch Publication Date: 3/9/2026
Vulnerability Publication Date: 3/9/2026
Reference Information
CVE: CVE-2026-29773
cwe: CWE-863