{"id":"CLEANSTART-2026-WB12909","summary":"During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions","details":"Multiple security vulnerabilities affect the kyverno-policy-reporter-kyverno-plugin-fips package. During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions. See references for individual vulnerability details.","modified":"2026-05-20T18:00:15.869353458Z","published":"2026-04-16T01:02:48.908159Z","upstream":["CVE-2025-15558","CVE-2025-47907","CVE-2025-66564","CVE-2026-1229","CVE-2026-22039","CVE-2026-22703","CVE-2026-22772","CVE-2026-23831","CVE-2026-23881","CVE-2026-24051","CVE-2026-24117","CVE-2026-24137","CVE-2026-25679","CVE-2026-26958","CVE-2026-27139","CVE-2026-27142","CVE-2026-32280","CVE-2026-32281","CVE-2026-32282","CVE-2026-32283","CVE-2026-32289","CVE-2026-33186","CVE-2026-33810","ghsa-2464-8j7c-4cjm","ghsa-29wx-vh33-7x7r","ghsa-2x5j-vhc8-9cwm","ghsa-459x-q9hg-4gpq","ghsa-4qg8-fj49-pxjh","ghsa-4vq8-7jfc-9cvp","ghsa-6m8w-jc87-6cr7","ghsa-88jx-383q-w4qc","ghsa-95pr-fxf5-86gv","ghsa-c5q2-7r4c-mv6g","ghsa-c6gw-w398-hv78","ghsa-c77r-fh37-x2px","ghsa-f83f-xpx7-ffpw","ghsa-fv92-fjc5-jj9h","ghsa-jrr2-x33p-6hvc","ghsa-mh63-6h87-95cp","ghsa-mqqf-5wvp-8fh8","ghsa-p77j-4mvh-x3m3","ghsa-qjvc-p88j-j9rm","ghsa-r5p3-955p-5ggq","ghsa-v23v-6jw2-98fq","ghsa-v6v8-xj6m-xwqh","ghsa-xw73-rw38-6vjc"],"database_specific":{},"references":[{"type":"ADVISORY","url":"https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-WB12909.json"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2025-15558"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2025-47907"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2025-66564"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2026-1229"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2026-22039"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2026-22703"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2026-22772"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2026-23831"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2026-23881"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2026-24051"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2026-24117"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2026-24137"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2026-25679"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2026-26958"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2026-27139"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2026-27142"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2026-32280"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2026-32281"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2026-32282"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2026-32283"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2026-32289"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2026-33186"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2026-33810"},{"type":"WEB","url":"https://osv.dev/vulnerability/ghsa-2464-8j7c-4cjm"},{"type":"WEB","url":"https://osv.dev/vulnerability/ghsa-29wx-vh33-7x7r"},{"type":"WEB","url":"https://osv.dev/vulnerability/ghsa-2x5j-vhc8-9cwm"},{"type":"WEB","url":"https://osv.dev/vulnerability/ghsa-459x-q9hg-4gpq"},{"type":"WEB","url":"https://osv.dev/vulnerability/ghsa-4qg8-fj49-pxjh"},{"type":"WEB","url":"https://osv.dev/vulnerability/ghsa-4vq8-7jfc-9cvp"},{"type":"WEB","url":"https://osv.dev/vulnerability/ghsa-6m8w-jc87-6cr7"},{"type":"WEB","url":"https://osv.dev/vulnerability/ghsa-88jx-383q-w4qc"},{"type":"WEB","url":"https://osv.dev/vulnerability/ghsa-95pr-fxf5-86gv"},{"type":"WEB","url":"https://osv.dev/vulnerability/ghsa-c5q2-7r4c-mv6g"},{"type":"WEB","url":"https://osv.dev/vulnerability/ghsa-c6gw-w398-hv78"},{"type":"WEB","url":"https://osv.dev/vulnerability/ghsa-c77r-fh37-x2px"},{"type":"WEB","url":"https://osv.dev/vulnerability/ghsa-f83f-xpx7-ffpw"},{"type":"WEB","url":"https://osv.dev/vulnerability/ghsa-fv92-fjc5-jj9h"},{"type":"WEB","url":"https://osv.dev/vulnerability/ghsa-jrr2-x33p-6hvc"},{"type":"WEB","url":"https://osv.dev/vulnerability/ghsa-mh63-6h87-95cp"},{"type":"WEB","url":"https://osv.dev/vulnerability/ghsa-mqqf-5wvp-8fh8"},{"type":"WEB","url":"https://osv.dev/vulnerability/ghsa-p77j-4mvh-x3m3"},{"type":"WEB","url":"https://osv.dev/vulnerability/ghsa-qjvc-p88j-j9rm"},{"type":"WEB","url":"https://osv.dev/vulnerability/ghsa-r5p3-955p-5ggq"},{"type":"WEB","url":"https://osv.dev/vulnerability/ghsa-v23v-6jw2-98fq"},{"type":"WEB","url":"https://osv.dev/vulnerability/ghsa-v6v8-xj6m-xwqh"},{"type":"WEB","url":"https://osv.dev/vulnerability/ghsa-xw73-rw38-6vjc"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-15558"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-47907"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-66564"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-1229"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-22039"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-22703"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-22772"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-23831"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-23881"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-24051"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-24117"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-24137"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-25679"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-26958"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-27139"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-27142"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-32280"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-32281"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-32282"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-32283"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-32289"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-33186"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-33810"}],"affected":[{"package":{"name":"kyverno-policy-reporter-kyverno-plugin-fips","ecosystem":"CleanStart"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.4.2-r8"}]}],"database_specific":{"source":"https://github.com/cleanstart-dev/cleanstart-security-advisories/blob/main/advisories/2026/CLEANSTART-2026-WB12909.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}