PT-2024-25229
Name of the Vulnerable Software and Affected Versions kubevirt versions 1.2.0 and earlier Description The issue allows a local attacker to execute arbitrary code via a crafted command to get the token component. This can be done by sending a crafted command to the /kubevirt.io/kubevirt API...