4 matches found
SUSE CVE-2026-9804
A flaw was found in KubeVirt's virt-exportserver component. An attacker with specific namespace-level access can exploit a path traversal vulnerability in the VMExport directory endpoint. By placing a symbolic link symlink within an exported filesystem Persistent Volume Claim PVC that points...
CVE-2026-9804 Kubevirt: kubevirt: vmexport directory symlink escape enables exporter pod file read
A flaw was found in KubeVirt's virt-exportserver component. An attacker with specific namespace-level access can exploit a path traversal vulnerability in the VMExport directory endpoint. By placing a symbolic link symlink within an exported filesystem Persistent Volume Claim PVC that points...
CVE-2026-9804
KubeVirt's virt-exportserver is affected by a path traversal vulnerability in the VMExport directory endpoint. An attacker with namespace-level access can place a symlink inside an exported filesystem PVC that points outside the mount root, enabling read access to arbitrary files on the exporter ...
EUVD-2026-32748
A flaw was found in KubeVirt's virt-exportserver component. An attacker with specific namespace-level access can exploit a path traversal vulnerability in the VMExport directory endpoint. By placing a symbolic link symlink within an exported filesystem Persistent Volume Claim PVC that points...