diff --git a/go.mod b/go.mod
index 3a79b4d583..691a60f71a 100644
--- a/go.mod
+++ b/go.mod
@@ -55,7 +55,7 @@ require (
 go.uber.org/zap v1.23.0
 golang.org/x/crypto v0.0.0-20221012134737-56aed061732a
 golang.org/x/exp v0.0.0-20221012211006-4de253d81b95
- golang.org/x/text v0.3.8
+ golang.org/x/text v0.4.0
 google.golang.org/grpc v1.50.0
 gopkg.in/inf.v0 v0.9.1
 gopkg.in/yaml.v2 v2.4.0
@@ -341,14 +341,15 @@ require (
 go.opentelemetry.io/proto/otlp v0.16.0 // indirect
 go.starlark.net v0.0.0-20200306205701-8dd3e2ee1dd5 // indirect
 go.uber.org/atomic v1.10.0 // indirect
- golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4 // indirect
- golang.org/x/net v0.0.0-20221012135044-0b7e1fb9d458 // indirect
+ golang.org/x/lint v0.0.0-20210508222113-6edffad5e616 // indirect
+ golang.org/x/mod v0.7.0 // indirect
+ golang.org/x/net v0.2.0 // indirect
 golang.org/x/oauth2 v0.0.0-20221006150949-b44042a4b9c1 // indirect
- golang.org/x/sync v0.0.0-20220929204114-8fcdb60fdcc0 // indirect
- golang.org/x/sys v0.0.0-20221010170243-090e33056c14 // indirect
- golang.org/x/term v0.0.0-20220919170432-7a66f970e087 // indirect
+ golang.org/x/sync v0.1.0 // indirect
+ golang.org/x/sys v0.2.0 // indirect
+ golang.org/x/term v0.2.0 // indirect
 golang.org/x/time v0.0.0-20220922220347-f3bd1da661af // indirect
- golang.org/x/tools v0.1.12 // indirect
+ golang.org/x/tools v0.3.0 // indirect
 google.golang.org/api v0.98.0 // indirect
 google.golang.org/appengine v1.6.7 // indirect
 google.golang.org/genproto v0.0.0-20220930163606-c98284e70a91 // indirect
diff --git a/pkg/policy/validate.go b/pkg/policy/validate.go
index 867e9366d2..7c134a1d09 100644
--- a/pkg/policy/validate.go
+++ b/pkg/policy/validate.go
@@ -1184,7 +1184,6 @@ func validateWildcard(kinds []string, spec *kyvernov1.Spec, rule kyvernov1.Rule)
 " the rule does not match any kind")
 }
 }
- }
 return nil
 }
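Review bot: The only change in the validate.go hunk is a removed closing `}` just before `return nil`, which on its own would leave validateWildcard's braces unbalanced, so the paired change (an opening brace or a loop/if header dropped above line 1184) lies outside the displayed context and the actual control-flow fix cannot be reviewed from this hunk alone; validateWildcard begins outside the hunk. The commit covers the fix only with the new kuttl conformance fixture (block-policy/policy.yaml) and adds no Go unit test for validateWildcard, so a regression in how a `"*"` kind is treated would surface only in a cluster conformance run rather than in `go test`. A table-driven case in the package's unit tests that builds a rule whose match block lists a wildcard kind and asserts the expected result — the `"... the rule does not match any kind"` error or nil, whichever the fix intends — would pin the behaviour cheaply; the exact triggering inputs are not visible here and should be taken from the full function.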
diff --git a/test/conformance/kuttl/validate/clusterpolicy/standard/block-policy/01-script.yaml b/test/conformance/kuttl/validate/clusterpolicy/standard/block-policy/01-script.yaml
new file mode 100644
index 0000000000..be98aa90ed
--- /dev/null
+++ b/test/conformance/kuttl/validate/clusterpolicy/standard/block-policy/01-script.yaml
@@ -0,0 +1,14 @@
+## Checks that the manifests.yaml file CANNOT be successfully created. If it can, fail the test as this is incorrect.
+
+apiVersion: kuttl.dev/v1beta1
+kind: TestStep
+commands:
+- script: |
+ if kubectl apply -f policy.yaml
+ then
+ echo "Tested failed. policy was allowed."
+ exit 1
+ else
+ echo "Test succeeded. policy was blocked."
+ exit 0
+ fi
\ No newline at end of file
diff --git a/test/conformance/kuttl/validate/clusterpolicy/standard/block-policy/README.md b/test/conformance/kuttl/validate/clusterpolicy/standard/block-policy/README.md
new file mode 100644
index 0000000000..0472fabd70
--- /dev/null
+++ b/test/conformance/kuttl/validate/clusterpolicy/standard/block-policy/README.md
@@ -0,0 +1 @@
+Fix wildcard issue for Any/All block all match/exclude kinds
\ No newline at end of file
diff --git a/test/conformance/kuttl/validate/clusterpolicy/standard/block-policy/policy.yaml b/test/conformance/kuttl/validate/clusterpolicy/standard/block-policy/policy.yaml
new file mode 100644
index 0000000000..8a161ad7bf
--- /dev/null
+++ b/test/conformance/kuttl/validate/clusterpolicy/standard/block-policy/policy.yaml
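Review bot: The header comment of 01-script.yaml says it checks that `manifests.yaml` cannot be created, but the script applies `policy.yaml`; the comment should read `## Checks that policy.yaml CANNOT be successfully created. If it can, fail the test as this is incorrect.` The failure message on the allowed branch also has a typo, `echo "Tested failed. policy was allowed."` should be `echo "Test failed. policy was allowed."`. More importantly, any non-zero exit from kubectl — an unreachable API server, a bad kubeconfig, a malformed manifest — takes the else branch and reports success, so the test passes vacuously when the cluster is not there at all; asserting on the rejection text in the else branch (for example capturing `2>&1` and grepping for the validation error, if the webhook returns the "does not match any kind" message from validate.go) would make the negative test actually prove that policy validation blocked the resource.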
@@ -0,0 +1,39 @@
+apiVersion: kyverno.io/v1
+kind: ClusterPolicy
+metadata:
+ name: verify-image
+ annotations:
+ policies.kyverno.io/title: Verify Image
+ policies.kyverno.io/category: Sample
+ policies.kyverno.io/severity: medium
+ policies.kyverno.io/subject: Pod
+ policies.kyverno.io/minversion: 1.7.0
+ policies.kyverno.io/description: >-
+ Using the Cosign project, OCI images may be signed to ensure supply chain
+ security is maintained. Those signatures can be verified before pulling into
+ a cluster. This policy checks the signature of an image repo called
+ ghcr.io/kyverno/test-verify-image to ensure it has been signed by verifying
+ its signature against the provided public key. This policy serves as an illustration for
+ how to configure a similar rule and will require replacing with your image(s) and keys.
+spec:
+ validationFailureAction: enforce
+ background: false
+ rules:
+ - name: verify-image
+ match:
+ any:
+ - resources:
+ kinds:
+ - "*"
+ verifyImages:
+ - imageReferences:
+ - "ghcr.io/kyverno/test-verify-image:*"
+ mutateDigest: true
+ attestors:
+ - entries:
+ - keys:
+ publicKeys: |
+ -----BEGIN PUBLIC KEY-----
+ MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE8nXRh950IZbRj8Ra/N9sbqOPZrfM
+ 5/KAQN0/KjHcorm/J5yctVd7iEcnessRQjU917hmKO6JWVGHpDguIyakZA==
+ -----END PUBLIC KEY-----
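Review bot: The `policies.kyverno.io/description` annotation of this fixture is the sample verify-image text and says nothing about what the fixture actually exercises — a `"*"` entry under `match.any[].resources.kinds` combined with `verifyImages`, which per the README must be rejected by policy validation — so a reader of the conformance suite cannot tell from the manifest why it is expected to fail. Replace the copied paragraph with a one-sentence description such as `Negative test: a wildcard kind in the match block is expected to be rejected by policy validation, so this policy must not be admitted.` The `title`, `category` and `subject` annotations are likewise inherited from the sample and could be dropped or aligned with that purpose; the sample's `minversion: 1.7.0` is also presumably unrelated to the fix and worth confirming.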