2 matches found
kubernetes-csi: CSI volume snapshot, cloning and resizing features can result in unauthorized volume data access or mutation
Improper input validation in Kubernetes CSI sidecar containers for external-provisioner v0.4.3, v1.0.2, v1.1, v1.2.2, v1.3.1, external-snapshotter v0.4.2, v1.0.2, v1.1, 1.2.2, and external-resizer v0.1, v0.2 could result in unauthorized PersistentVolume data access or volume mutation during...
rhevm: insufficient target domain permission check when cloning a VM from a snapshot
Red Hat Enterprise Virtualization Manager RHEVM before 3.2 does not properly check permissions for the target storage domain, which allows attackers to cause a denial of service disk space consumption by cloning a VM from a snapshot...