Vulnerabilities > Kubevirt
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-03-15 | CVE-2023-26484 | Unspecified vulnerability in Kubevirt KubeVirt is a virtual machine management add-on for Kubernetes. | 8.2 |
2022-09-15 | CVE-2022-1798 | Path Traversal vulnerability in Kubevirt A path traversal vulnerability in KubeVirt versions up to 0.56 (and 0.55.1) on all platforms allows a user able to configure the kubevirt to read arbitrary files on the host filesystem which are publicly readable or which are readable for UID 107 or GID 107. | 6.5 |
2021-05-27 | CVE-2020-1701 | Unspecified vulnerability in Kubevirt A flaw was found in the KubeVirt main virt-handler versions before 0.26.0 regarding the access permissions of virt-handler. | 6.5 |
2020-07-29 | CVE-2020-14316 | A flaw was found in kubevirt 0.29 and earlier. | 9.9 |
2019-06-28 | CVE-2019-10175 | Missing Authorization vulnerability in Kubevirt Containerized-Data-Importer 1.4.0 A flaw was found in the containerized-data-importer in virt-cdi-cloner, version 1.4, where the host-assisted cloning feature does not determine whether the requesting user has permission to access the Persistent Volume Claim (PVC) in the source namespace. | 6.5 |
2019-03-25 | CVE-2019-3841 | Improper Certificate Validation vulnerability in Kubevirt Containerized Data Importer Kubevirt/virt-cdi-importer, versions 1.4.0 to 1.5.3 inclusive, were reported to disable TLS certificate validation when importing data into PVCs from container registries. | 6.8 |