47 matches found
CVE-2025-14525 vulnerabilities
Vulnerabilities for packages: virt-operator-fips, virt-controller-fips...
CVE-2024-31420 vulnerabilities
Vulnerabilities for packages: virt-operator-fips, virt-controller-fips...
GHSA-VJHF-6XFR-5P9G vulnerabilities
Vulnerabilities for packages: virt-operator-fips, virt-controller-fips...
GHSA-25MH-HP8X-CGRV vulnerabilities
Vulnerabilities for packages: virt-operator-fips, virt-controller-fips...
GHSA-4Q63-MR2M-57HF vulnerabilities
Vulnerabilities for packages: virt-operator-fips, virt-controller-fips...
CVE-2024-33394 vulnerabilities
Vulnerabilities for packages: virt-operator-fips, virt-controller-fips...
GHSA-J6CV-3W8P-VRG8 vulnerabilities
Vulnerabilities for packages: virt-operator-fips, virt-operator, virt-api-fips, virt-api, virt-handler, virt-controller-fips, virt-controller, virt-handler-fips...
CVE-2026-6383 vulnerabilities
Vulnerabilities for packages: virt-operator-fips, virt-operator, virt-api-fips, virt-api, virt-handler, virt-controller-fips, virt-controller, virt-handler-fips...
CVE-2026-32283 vulnerabilities
Vulnerabilities for packages: aws-efs-csi-driver, azuredisk-csi, crossplane-provider-aws-acm, kuma, mariadb-operator-fips, prometheus-postgres-exporter, cert-exporter, k8s-driver-manager, eks-node-monitoring-agent-fips, aws-eks-pod-identity-agent, kubernetes-csi-external-snapshotter,...
GHSA-5W89-2C2X-6X66 vulnerabilities
Vulnerabilities for packages: mariadb-operator-fips, kube-rbac-proxy-fips, spegel-fips, cluster-proportional-autoscaler-fips, tetragon-fips, policy-controller, spegel, postgres-operator, crossplane-provider-aws-ecr, buildkite-agent-fips, argo-rollouts, cosign, kapp, hugo-extended,...
Logic Flaw
KubeVirt is vulnerable to a logic flaw. The vulnerability is due to improper validation in the virt-controller, which allows an attacker to create a malicious pod with matching labels to mislead the controller and disrupt VMI management, leading to denial-of-service...
CVE-2025-64435
KubeVirt is a virtual machine management add-on for Kubernetes. Prior to 1.7.0-beta.0, a logic flaw in the virt-controller allows an attacker to disrupt the control over a running VMI by creating a pod with the same labels as the legitimate virt-launcher pod associated with the VMI. This can...
AZL-69964 CVE-2025-64435 affecting package kubevirt for versions less than 0.59.0-33
KubeVirt is a virtual machine management add-on for Kubernetes. Prior to 1.7.0-beta.0, a logic flaw in the virt-controller allows an attacker to disrupt the control over a running VMI by creating a pod with the same labels as the legitimate virt-launcher pod associated with the VMI. This can...
CVE-2025-64435 KubeVirt VMI Denial-of-Service (DoS) Using Pod Impersonation
KubeVirt is a virtual machine management add-on for Kubernetes. Prior to 1.7.0-beta.0, a logic flaw in the virt-controller allows an attacker to disrupt the control over a running VMI by creating a pod with the same labels as the legitimate virt-launcher pod associated with the VMI. This can...
CVE-2025-64435 KubeVirt VMI Denial-of-Service (DoS) Using Pod Impersonation
KubeVirt is a virtual machine management add-on for Kubernetes. Prior to 1.7.0-beta.0, a logic flaw in the virt-controller allows an attacker to disrupt the control over a running VMI by creating a pod with the same labels as the legitimate virt-launcher pod associated with the VMI. This can...
CVE-2025-64435
CVE-2025-64435 affects KubeVirt’s virt-controller. A logic flaw allows an attacker to disrupt control of a running VMI by creating a pod with the same labels as the legitimate virt-launcher pod, causing the virt-controller to bind the fake pod to the VMI, leading to incorrect status updates and a...
CVE-2025-64435 KubeVirt VMI Denial-of-Service (DoS) Using Pod Impersonation
KubeVirt is a virtual machine management add-on for Kubernetes. Prior to 1.7.0-beta.0, a logic flaw in the virt-controller allows an attacker to disrupt the control over a running VMI by creating a pod with the same labels as the legitimate virt-launcher pod associated with the VMI. This can...
Kubevirt 安全漏洞
Kubevirt is an open source virtual machine manager from KubeVirt. A security vulnerability exists in Kubevirt versions prior to 1.7.0-beta.0, which stems from a logic flaw in the virt-controller that could lead to a denial-of-service attack...
KubeVirt VMI Denial-of-Service (DoS) Using Pod Impersonation
Summary Short summary of the problem. Make the impact and severity as clear as possible. A logic flaw in the virt-controller allows an attacker to disrupt the control over a running VMI by creating a pod with the same labels as the legitimate virt-launcher pod associated with the VMI. This can...
PT-2025-45513
Name of the Vulnerable Software and Affected Versions KubeVirt versions prior to 1.7.0-beta.0 Description KubeVirt, a virtual machine management add-on for Kubernetes, contains a flaw in the virt-controller. An attacker can disrupt control over a running Virtual Machine Instance VMI by creating a...