10 matches found
SUSE CVE-2026-9804
A flaw was found in KubeVirt's virt-exportserver component. An attacker with specific namespace-level access can exploit a path traversal vulnerability in the VMExport directory endpoint. By placing a symbolic link symlink within an exported filesystem Persistent Volume Claim PVC that points...
CVE-2026-9804
A flaw was found in KubeVirt's virt-exportserver component. An attacker with specific namespace-level access can exploit a path traversal vulnerability in the VMExport directory endpoint. By placing a symbolic link symlink within an exported filesystem Persistent Volume Claim PVC that points...
CVE-2026-9804 Kubevirt: kubevirt: vmexport directory symlink escape enables exporter pod file read
A flaw was found in KubeVirt's virt-exportserver component. An attacker with specific namespace-level access can exploit a path traversal vulnerability in the VMExport directory endpoint. By placing a symbolic link symlink within an exported filesystem Persistent Volume Claim PVC that points...
CVE-2026-9804
KubeVirt's virt-exportserver is affected by a path traversal vulnerability in the VMExport directory endpoint. An attacker with namespace-level access can place a symlink inside an exported filesystem PVC that points outside the mount root, enabling read access to arbitrary files on the exporter ...
CVE-2026-9804
A flaw was found in KubeVirt's virt-exportserver component. An attacker with specific namespace-level access can exploit a path traversal vulnerability in the VMExport directory endpoint. By placing a symbolic link symlink within an exported filesystem Persistent Volume Claim PVC that points...
CVE-2026-9804 Kubevirt: kubevirt: vmexport directory symlink escape enables exporter pod file read
A flaw was found in KubeVirt's virt-exportserver component. An attacker with specific namespace-level access can exploit a path traversal vulnerability in the VMExport directory endpoint. By placing a symbolic link symlink within an exported filesystem Persistent Volume Claim PVC that points...
Symlink Attack
Overview Affected versions of this package are vulnerable to Symlink Attack via the virt-exportserver process. An attacker can access sensitive files from the exporter pod's filesystem by placing a symbolic link within an exported filesystem Persistent Volume Claim PVC that points outside its...
Symlink Attack
Overview Affected versions of this package are vulnerable to Symlink Attack via the virt-exportserver process. An attacker can access sensitive files from the exporter pod's filesystem by placing a symbolic link within an exported filesystem Persistent Volume Claim PVC that points outside its...
Kubevirt 后置链接漏洞
Kubevirt is an open-source virtual machine manager developed by KubeVirt. KubeVirt has a postback link vulnerability, which stems from a path traversal issue in the VMExport directory endpoint. This vulnerability allows attackers with access at a specific namespace level to create symbolic links...
PT-2026-44221
Name of the Vulnerable Software and Affected Versions KubeVirt versions prior to 1.8.3-1.1 Description A path traversal flaw exists in the virt-exportserver component. An attacker with namespace-level access can exploit the 'VMExport directory' endpoint by placing a symbolic link symlink within a...