CVE-2019-10175
The vulnerability CVE-2019-10175 affects containerized-data-importer (virt-cdi-cloner) 1.4 where host-assisted cloning does not verify if the requesting user has permission to access a PVC in the source namespace. This can allow cloning any PVC in the cluster into the user’s namespace, effectivel...