CVE-2019-3841
Kubevirt/virt-cdi-importer, versions 1.4.0–1.5.3, were reported to disable TLS certificate validation when importing data into PVCs from container registries, enabling potential man-in-the-middle attacks that could tamper with trusted container image content. The affected component is the virt-cd...