2 matches found
AZL-34075 CVE-2024-21626 affecting package kubevirt for versions less than 0.59.0-14
runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. In runc 1.1.11 and earlier, due to an internal file descriptor leak, an attacker could cause a newly-spawned container process from runc exec to have a working directory in the host filesystem...
AZL-34904 CVE-2023-44487 affecting package kubevirt for versions less than 0.59.0-9
The HTTP/2 protocol allows a denial of service server resource consumption because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023...