30 matches found
CVE-2026-33814 affecting package kubevirt for versions less than 1.7.1-7
CVE-2026-33814 affecting package kubevirt for versions less than 1.7.1-7. A patched version of the package is available...
CVE-2026-39828 affecting package kubevirt for versions less than 1.7.1-5
CVE-2026-39828 affecting package kubevirt for versions less than 1.7.1-5. A patched version of the package is available...
CVE-2026-39829 affecting package kubevirt for versions less than 1.7.1-5
CVE-2026-39829 affecting package kubevirt for versions less than 1.7.1-5. A patched version of the package is available...
CVE-2026-25681 affecting package kubevirt for versions less than 1.7.1-5
CVE-2026-25681 affecting package kubevirt for versions less than 1.7.1-5. A patched version of the package is available...
CVE-2026-27136 affecting package kubevirt for versions less than 1.7.1-5
CVE-2026-27136 affecting package kubevirt for versions less than 1.7.1-5. A patched version of the package is available...
CVE-2026-39821 affecting package kubevirt for versions less than 1.7.1-5
CVE-2026-39821 affecting package kubevirt for versions less than 1.7.1-5. A patched version of the package is available...
CVE-2026-39830 affecting package kubevirt for versions less than 1.7.1-5
CVE-2026-39830 affecting package kubevirt for versions less than 1.7.1-5. A patched version of the package is available...
Incorrect Authorization
Overview Affected versions of this package are vulnerable to Incorrect Authorization due to improper truncation of subresource names in the authorization process. An attacker can gain unauthorized access to subresources or perform unauthorized actions by exploiting incorrect permission evaluation...
CVE-2025-58190 affecting package kubevirt for versions less than 1.7.0-3
CVE-2025-58190 affecting package kubevirt for versions less than 1.7.0-3. A patched version of the package is available...
CVE-2025-11065 affecting package kubevirt for versions less than 1.7.0-3
CVE-2025-11065 affecting package kubevirt for versions less than 1.7.0-3. A patched version of the package is available...
CVE-2025-11065 affecting package kubevirt for versions less than 0.59.0-38
CVE-2025-11065 affecting package kubevirt for versions less than 0.59.0-38. A patched version of the package is available...
CVE-2025-30204 affecting package kubevirt for versions less than 0.59.0-38
CVE-2025-30204 affecting package kubevirt for versions less than 0.59.0-38. A patched version of the package is available...
AZL-76950 CVE-2025-47911 affecting package kubevirt for versions less than 0.59.0-38
The html.Parse function in golang.org/x/net/html has quadratic parsing complexity when processing certain inputs, which can lead to denial of service DoS if an attacker provides specially crafted HTML content...
AZL-75449 CVE-2025-11065 affecting package kubevirt 1.6.3-3
A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using mapstructure.WeakDecode. This vulnerability allows information disclosure through detailed error messages that may leak sensitive input values via malformed user-supplied data processed in...
CVE-2025-64436 affecting package kubevirt for versions less than 1.6.3-1
CVE-2025-64436 affecting package kubevirt for versions less than 1.6.3-1. An upgraded version of the package is available that resolves this issue...
CVE-2025-64432 affecting package kubevirt for versions less than 0.59.0-33
CVE-2025-64432 affecting package kubevirt for versions less than 0.59.0-33. A patched version of the package is available...
CVE-2025-64324 affecting package kubevirt for versions less than 1.5.3-3
CVE-2025-64324 affecting package kubevirt for versions less than 1.5.3-3. A patched version of the package is available...
CVE-2025-64434 affecting package kubevirt for versions less than 1.5.3-2
CVE-2025-64434 affecting package kubevirt for versions less than 1.5.3-2. An upgraded version of the package is available that resolves this issue...
CVE-2025-64433 affecting package kubevirt for versions less than 1.5.3-2
CVE-2025-64433 affecting package kubevirt for versions less than 1.5.3-2. An upgraded version of the package is available that resolves this issue...
AZL-70334 CVE-2025-47913 affecting package kubevirt for versions less than 1.5.3-2
SSH clients receiving SSHAGENTSUCCESS when expecting a typed response will panic and cause early termination of the client process...