Lucene search
K

47 matches found

Chainguard
Chainguard
added 2026/06/23 8:17 a.m.7 views

GHSA-VJHF-6XFR-5P9G vulnerabilities

Vulnerabilities for packages: harvester, harvester-fips, virt-controller-fips, virt-launcher, virt-operator-fips, virt-operator...

6.1AI score
Exploits0
Chainguard
Chainguard
added 2026/06/23 8:17 a.m.10 views

GHSA-4Q63-MR2M-57HF vulnerabilities

Vulnerabilities for packages: harvester, harvester-fips, virt-controller-fips, virt-launcher, virt-operator-fips, virt-operator...

6.1AI score
Exploits0
Chainguard
Chainguard
added 2026/06/23 8:17 a.m.8 views

GHSA-25MH-HP8X-CGRV vulnerabilities

Vulnerabilities for packages: harvester, harvester-fips, virt-controller-fips, virt-launcher, virt-operator-fips, virt-handler...

6.1AI score
Exploits0
Chainguard
Chainguard
added 2026/06/23 8:17 a.m.9 views

CVE-2025-14525 vulnerabilities

Vulnerabilities for packages: harvester, harvester-fips, virt-controller-fips, virt-launcher, virt-operator-fips, virt-handler...

6.4CVSS6.1AI score0.0026EPSS
Exploits0
Chainguard
Chainguard
added 2026/06/23 8:17 a.m.6 views

CVE-2024-31420 vulnerabilities

Vulnerabilities for packages: harvester, harvester-fips, virt-controller-fips, virt-launcher, virt-operator-fips, virt-operator...

6.5CVSS6.6AI score0.00639EPSS
Exploits0
Chainguard
Chainguard
added 2026/06/23 8:17 a.m.10 views

CVE-2024-33394 vulnerabilities

Vulnerabilities for packages: harvester, harvester-fips, virt-controller-fips, virt-launcher, virt-operator-fips, virt-operator...

5.9CVSS6.4AI score0.00324EPSS
Exploits0
Chainguard
Chainguard
added 2026/04/21 1:17 a.m.8 views

GHSA-J6CV-3W8P-VRG8 vulnerabilities

Vulnerabilities for packages: virt-controller, virt-controller-fips, virt-api-fips, virt-api, virt-launcher, virt-operator-fips, virt-handler, virt-operator, virt-handler-fips...

6.1AI score
Exploits0
Chainguard
Chainguard
added 2026/04/21 1:17 a.m.9 views

CVE-2026-6383 vulnerabilities

Vulnerabilities for packages: virt-controller, virt-controller-fips, virt-api-fips, virt-api, virt-launcher, virt-operator-fips, virt-handler, virt-operator, virt-handler-fips...

5.4CVSS6.1AI score0.0015EPSS
Exploits0
Chainguard
Chainguard
added 2026/04/11 2:18 a.m.49 views

GHSA-5W89-2C2X-6X66 vulnerabilities

Vulnerabilities for packages: dapr-fips, thanos-operator-fips, victoriametrics-fips, gitleaks, cerbos, secretgen-controller, tw, hubble-ui, k9s-fips, crossplane-provider-aws-eks-fips, kubelet-csr-approver-fips, agentbeat-fips, gotestsum, teleport-operator-fips, terraform-provider-sendgrid,...

6.1AI score
Exploits0
Chainguard
Chainguard
added 2026/04/11 2:18 a.m.13 views

CVE-2026-32283 vulnerabilities

Vulnerabilities for packages: cert-manager-openshift-routes-fips, jaeger, kubevirt-cdi-operator-fips, nats, tempo-fips, quic-go-fips, net-kourier, gitlab-kas-fips, vexctl, tofu-controller-fips, dapr-fips, plugin-barman-cloud-fips, pluto, thanos-operator-fips, databricks-cli-fips,...

7.5CVSS6.9AI score0.00621EPSS
Exploits0
Veracode
Veracode
added 2026/04/07 3:46 p.m.7 views

Logic Flaw

KubeVirt is vulnerable to a logic flaw. The vulnerability is due to improper validation in the virt-controller, which allows an attacker to create a malicious pod with matching labels to mislead the controller and disrupt VMI management, leading to denial-of-service...

5.3CVSS5.9AI score0.00347EPSS
Exploits1References3Affected Software1
RedhatCVE
RedhatCVE
added 2025/11/11 7:22 p.m.3 views

CVE-2025-64435

KubeVirt is a virtual machine management add-on for Kubernetes. Prior to 1.7.0-beta.0, a logic flaw in the virt-controller allows an attacker to disrupt the control over a running VMI by creating a pod with the same labels as the legitimate virt-launcher pod associated with the VMI. This can...

5.3CVSS5AI score0.00347EPSS
Exploits1References5
OSV
OSV
added 2025/11/07 11:15 p.m.7 views

AZL-69964 CVE-2025-64435 affecting package kubevirt for versions less than 0.59.0-33

KubeVirt is a virtual machine management add-on for Kubernetes. Prior to 1.7.0-beta.0, a logic flaw in the virt-controller allows an attacker to disrupt the control over a running VMI by creating a pod with the same labels as the legitimate virt-launcher pod associated with the VMI. This can...

5.3CVSS6.7AI score0.00347EPSS
Exploits1References1
OSV
OSV
added 2025/11/07 10:57 p.m.6 views

CVE-2025-64435 KubeVirt VMI Denial-of-Service (DoS) Using Pod Impersonation

KubeVirt is a virtual machine management add-on for Kubernetes. Prior to 1.7.0-beta.0, a logic flaw in the virt-controller allows an attacker to disrupt the control over a running VMI by creating a pod with the same labels as the legitimate virt-launcher pod associated with the VMI. This can...

5.3CVSS6.8AI score0.00347EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/11/07 10:57 p.m.7 views

CVE-2025-64435 KubeVirt VMI Denial-of-Service (DoS) Using Pod Impersonation

KubeVirt is a virtual machine management add-on for Kubernetes. Prior to 1.7.0-beta.0, a logic flaw in the virt-controller allows an attacker to disrupt the control over a running VMI by creating a pod with the same labels as the legitimate virt-launcher pod associated with the VMI. This can...

5.3CVSS6.2AI score0.00347EPSS
Exploits1References2
CVE
CVE
added 2025/11/07 10:57 p.m.38 views

CVE-2025-64435

CVE-2025-64435 affects KubeVirt’s virt-controller. A logic flaw allows an attacker to disrupt control of a running VMI by creating a pod with the same labels as the legitimate virt-launcher pod, causing the virt-controller to bind the fake pod to the VMI, leading to incorrect status updates and a...

5.3CVSS6.4AI score0.00347EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2025/11/07 10:57 p.m.16 views

CVE-2025-64435 KubeVirt VMI Denial-of-Service (DoS) Using Pod Impersonation

KubeVirt is a virtual machine management add-on for Kubernetes. Prior to 1.7.0-beta.0, a logic flaw in the virt-controller allows an attacker to disrupt the control over a running VMI by creating a pod with the same labels as the legitimate virt-launcher pod associated with the VMI. This can...

5.3CVSS0.00347EPSS
Exploits1References2
CNNVD
CNNVD
added 2025/11/07 12:0 a.m.3 views

Kubevirt 安全漏洞

Kubevirt is an open source virtual machine manager from KubeVirt. A security vulnerability exists in Kubevirt versions prior to 1.7.0-beta.0, which stems from a logic flaw in the virt-controller that could lead to a denial-of-service attack...

5.3CVSS5.3AI score0.00347EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2025/11/06 11:35 p.m.9 views

KubeVirt VMI Denial-of-Service (DoS) Using Pod Impersonation

Summary Short summary of the problem. Make the impact and severity as clear as possible. A logic flaw in the virt-controller allows an attacker to disrupt the control over a running VMI by creating a pod with the same labels as the legitimate virt-launcher pod associated with the VMI. This can...

5.3CVSS7AI score0.00347EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2025/11/06 12:0 a.m.6 views

PT-2025-45513

Name of the Vulnerable Software and Affected Versions KubeVirt versions prior to 1.7.0-beta.0 Description KubeVirt, a virtual machine management add-on for Kubernetes, contains a flaw in the virt-controller. An attacker can disrupt control over a running Virtual Machine Instance VMI by creating a...

5.3CVSS5.5AI score0.00347EPSS
Exploits1References21
Rows per page
Query Builder