Lucene search
+L

7 matches found

cgr
cgr
added 2026/03/26 1:17 a.m.7 views

CVE-2025-64437 vulnerabilities

Vulnerabilities for packages: docker-machine-driver-harvester...

5CVSS5.8AI score0.0021EPSS
Exploits1
wolfi
wolfi
added 2026/03/25 7:48 p.m.10 views

CVE-2025-64437 vulnerabilities

Vulnerabilities for packages: docker-machine-driver-harvester...

5CVSS6AI score0.0021EPSS
Exploits1
nessus
nessus
added 2025/12/10 12:0 a.m.5 views

SUSE SLES15 Security Update : kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-tools-container, virt-operator-container, virt-pr-helper-container (SUSE-SU-2025:4330-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4330-1 advisory. Updated kubevirt to version 1.6.3: - CVE-2025-22872: Fixed incorrect interpretation of tags leading content to be placed wrong scop...

8.5CVSS7.7AI score0.00478EPSS
Exploits5References21
nvd
nvd
added 2025/11/07 11:15 p.m.7 views

CVE-2025-64437

KubeVirt is a virtual machine management add-on for Kubernetes. In versions before 1.5.3 and 1.6.1, the virt-handler does not verify whether the launcher-sock is a symlink or a regular file. This oversight can be exploited, for example, to change the ownership of arbitrary files on the host node ...

5CVSS0.0021EPSS
Exploits1References4
osv
osv
added 2025/11/07 11:15 p.m.5 views

AZL-69970 CVE-2025-64437 affecting package kubevirt for versions less than 0.59.0-33

KubeVirt is a virtual machine management add-on for Kubernetes. In versions before 1.5.3 and 1.6.1, the virt-handler does not verify whether the launcher-sock is a symlink or a regular file. This oversight can be exploited, for example, to change the ownership of arbitrary files on the host node ...

5CVSS6.2AI score0.0021EPSS
Exploits1References1
osv
osv
added 2025/11/07 11:15 p.m.7 views

AZL-69805 CVE-2025-64437 affecting package kubevirt for versions less than 1.5.3-2

KubeVirt is a virtual machine management add-on for Kubernetes. In versions before 1.5.3 and 1.6.1, the virt-handler does not verify whether the launcher-sock is a symlink or a regular file. This oversight can be exploited, for example, to change the ownership of arbitrary files on the host node ...

5CVSS7.4AI score0.0021EPSS
Exploits1References1
circl
circl
added 2025/11/06 7:25 p.m.8 views

CVE-2025-64437

creationtimestamp| type| source ---|---|--- 2025-11-06 19:25:44+00:00| published-proof-of-concept| https://github.com/kubevirt/kubevirt/security/advisories/GHSA-2r4r-5x78-mvqf 2025-11-08 02:37:30+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m53kqz3zuo2s...

5CVSS5.7AI score0.0021EPSS
Exploits1References2
Rows per page
Query Builder