Lucene search
K

4 matches found

SUSE CVE
SUSE CVE
added 2026/05/29 1:22 a.m.13 views

SUSE CVE-2026-9804

A flaw was found in KubeVirt's virt-exportserver component. An attacker with specific namespace-level access can exploit a path traversal vulnerability in the VMExport directory endpoint. By placing a symbolic link symlink within an exported filesystem Persistent Volume Claim PVC that points...

7.7CVSS5.8AI score0.00515EPSS
Exploits0References3
CVE
CVE
added 2026/05/28 8:15 a.m.28 views

CVE-2026-9804

KubeVirt's virt-exportserver is affected by a path traversal vulnerability in the VMExport directory endpoint. An attacker with namespace-level access can place a symlink inside an exported filesystem PVC that points outside the mount root, enabling read access to arbitrary files on the exporter ...

7.7CVSS5.8AI score0.00515EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2026/05/28 8:15 a.m.7 views

CVE-2026-9804 Kubevirt: kubevirt: vmexport directory symlink escape enables exporter pod file read

A flaw was found in KubeVirt's virt-exportserver component. An attacker with specific namespace-level access can exploit a path traversal vulnerability in the VMExport directory endpoint. By placing a symbolic link symlink within an exported filesystem Persistent Volume Claim PVC that points...

7.7CVSS5.8AI score0.00515EPSS
Exploits0References7
EUVD
EUVD
added 2026/05/28 8:15 a.m.12 views

EUVD-2026-32748

A flaw was found in KubeVirt's virt-exportserver component. An attacker with specific namespace-level access can exploit a path traversal vulnerability in the VMExport directory endpoint. By placing a symbolic link symlink within an exported filesystem Persistent Volume Claim PVC that points...

7.7CVSS5.8AI score0.00515EPSS
Exploits0References2
Rows per page
Query Builder