Lucene search
K

59 matches found

Snyk
Snyk
added 2026/06/25 12:0 a.m.3 views

UNIX Symbolic Link (Symlink) Following

Overview Affected versions of this package are vulnerable to UNIX Symbolic Link Symlink Following through the WriteToCachedFile function when handling network cache files in certain configurations. An attacker can overwrite specific host files and change their ownership by planting a symbolic lin...

4.2CVSS6.1AI score0.00107EPSS
Exploits0References2
NVD
NVD
added 2026/06/24 9:16 p.m.7 views

CVE-2026-13208

A flaw was found in KubeVirt's virt-handler domain notify server. The gRPC handlers for HandleDomainEvent and HandleK8SEvent derive the VMI identity namespace/name solely from the request body without validating it against the connection's origin. Each virt-launcher pod connects through a per-VMI...

6.5CVSS0.0009EPSS
Exploits0References2
NVD
NVD
added 2026/06/24 9:16 p.m.8 views

CVE-2026-13201

A flaw was found in KubeVirt's safepath package used by virt-handler. The OpenAtNoFollow function uses OPATH|ONOFOLLOW to obtain a file descriptor to a path leaf, but downstream operations resolve the path via /proc/self/fd/N using link-following syscalls. When the leaf is a symlink, the kernel...

7.3CVSS0.00122EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/24 8:39 p.m.7 views

CVE-2026-13201 Kubevirt: virt-handler-rhel9: kubevirt: safepath symlink following in virt-handler enables notify socket hijacking and node-level vm disruption

A flaw was found in KubeVirt's safepath package used by virt-handler. The OpenAtNoFollow function uses OPATH|ONOFOLLOW to obtain a file descriptor to a path leaf, but downstream operations resolve the path via /proc/self/fd/N using link-following syscalls. When the leaf is a symlink, the kernel...

7.3CVSS6AI score0.00122EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/24 8:39 p.m.5 views

EUVD-2026-39086

A flaw was found in KubeVirt's safepath package. The OpenAtNoFollow function uses OPATH|ONOFOLLOW to obtain a file descriptor to a path leaf, but downstream helpers operate via /proc/self/fd/N using link-following syscalls. When the leaf is a symlink, the kernel dereferences it, defeating the...

5.2CVSS5.8AI score0.00122EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/24 8:39 p.m.5 views

CVE-2026-13201

A flaw was found in KubeVirt's safepath package used by virt-handler. The OpenAtNoFollow function uses OPATH|ONOFOLLOW to obtain a file descriptor to a path leaf, but downstream operations resolve the path via /proc/self/fd/N using link-following syscalls. When the leaf is a symlink, the kernel...

7.3CVSS6AI score0.00122EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/24 8:38 p.m.7 views

CVE-2026-13201

A flaw was found in KubeVirt's safepath package used by virt-handler. The OpenAtNoFollow function uses OPATH|ONOFOLLOW to obtain a file descriptor to a path leaf, but downstream operations resolve the path via /proc/self/fd/N using link-following syscalls. When the leaf is a symlink, the kernel...

7.3CVSS6AI score0.00122EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.12 views

PT-2026-52087

Name of the Vulnerable Software and Affected Versions KubeVirt affected versions not specified Description A flaw exists in the safepath package used by virt-handler. The OpenAtNoFollow function utilizes O PATH|O NOFOLLOW to obtain a file descriptor for a path leaf; however, subsequent operations...

7.3CVSS6AI score0.00122EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.15 views

PT-2026-52088

Name of the Vulnerable Software and Affected Versions KubeVirt affected versions not specified Description A flaw exists in the KubeVirt virt-handler domain notify server. The gRPC handlers HandleDomainEvent and HandleK8SEvent determine the VMI identity namespace/name based only on the request...

6.5CVSS5.8AI score0.0009EPSS
Exploits0References5
Veracode
Veracode
added 2026/04/07 4:11 p.m.5 views

Improper Link Resolution

kubevirt.io/kubevirt is vulnerable to improper link resolution. The vulnerability is due to lack of verification of whether the launcher-sock is a symlink or regular file, which allows an attacker with control over the virt-launcher pod file system to manipulate file ownership on the host and...

5CVSS6AI score0.0021EPSS
Exploits1References5Affected Software1
Veracode
Veracode
added 2026/04/07 3:26 p.m.8 views

Improper Symlink Handling

kubevirt.io/kubevirt is vulnerable to improper symlink handling. The vulnerability is due to improper validation of symbolic links in PVC disk mounting along with incorrect file ownership changes, which allows an attacker with control over PVC contents to create malicious symlinks and read...

6.5CVSS6AI score0.00475EPSS
Exploits1References5Affected Software1
SUSE CVE
SUSE CVE
added 2025/11/11 12:23 a.m.11 views

SUSE CVE-2025-64433

KubeVirt is a virtual machine management add-on for Kubernetes. Prior to 1.5.3 and 1.6.1, a vulnerability was discovered that allows a VM to read arbitrary files from the virt-launcher pod's file system. This issue stems from improper symlink handling when mounting PVC disks into a VM...

6.5CVSS6.7AI score0.00475EPSS
Exploits1References7
Snyk
Snyk
added 2025/11/07 11:46 p.m.2 views

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal via improper symlink handling during the mounting process. An attacker can access and read arbitrary files from the virt-launcher pod's file system by creating a symbolic link within a PVC that points to sensitive...

7.1CVSS6.2AI score0.00475EPSS
Exploits1References2
Snyk
Snyk
added 2025/11/07 11:46 p.m.4 views

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal via improper symlink handling during the mounting process. An attacker can access and read arbitrary files from the virt-launcher pod's file system by creating a symbolic link within a PVC that points to sensitive...

7.1CVSS6.2AI score0.00475EPSS
Exploits1References2
Snyk
Snyk
added 2025/11/07 11:46 p.m.2 views

Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization. An attacker can disrupt control over a running virtual machine instance by creating a pod with identical labels to the legitimate virt-launcher pod, misleading the controller into associating the fake pod with t...

6CVSS5.4AI score0.00347EPSS
Exploits1References2
Snyk
Snyk
added 2025/11/07 11:46 p.m.2 views

Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization. An attacker can disrupt control over a running virtual machine instance by creating a pod with identical labels to the legitimate virt-launcher pod, misleading the controller into associating the fake pod with t...

6CVSS5.4AI score0.00347EPSS
Exploits1References2
Snyk
Snyk
added 2025/11/07 11:46 p.m.4 views

Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization. An attacker can disrupt control over a running virtual machine instance by creating a pod with identical labels to the legitimate virt-launcher pod, misleading the controller into associating the fake pod with t...

6CVSS5.4AI score0.00347EPSS
Exploits1References2
Snyk
Snyk
added 2025/11/07 11:46 p.m.3 views

Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization. An attacker can disrupt control over a running virtual machine instance by creating a pod with identical labels to the legitimate virt-launcher pod, misleading the controller into associating the fake pod with t...

6CVSS5.4AI score0.00347EPSS
Exploits1References2
Snyk
Snyk
added 2025/11/07 11:46 p.m.1 views

Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization. An attacker can disrupt control over a running virtual machine instance by creating a pod with identical labels to the legitimate virt-launcher pod, misleading the controller into associating the fake pod with t...

6CVSS5.4AI score0.00347EPSS
Exploits1References2
Snyk
Snyk
added 2025/11/07 11:46 p.m.5 views

Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization. An attacker can disrupt control over a running virtual machine instance by creating a pod with identical labels to the legitimate virt-launcher pod, misleading the controller into associating the fake pod with t...

6CVSS5.4AI score0.00347EPSS
Exploits1References2
Rows per page
Query Builder