Libvirt Security Vulnerabilities and Issues — Libvirt CVE List

Lucene search

RedhatLibvirt

3 matches found

CVE•added 2021/05/27 8:15 p.m.•150 views

CVE-2020-14301

An information disclosure vulnerability was found in libvirt in versions before 6.3.0. HTTP cookies used to access network-based disks were saved in the XML dump of the guest domain. This flaw allows an attacker to access potentially sensitive information in the domain configuration via the dumpxml...

6.5CVSS6.8AI score0.00264EPSS

CVE•added 2021/05/27 7:15 p.m.•73 views

CVE-2020-10701

A missing authorization flaw was found in the libvirt API responsible for changing the QEMU agent response timeout. This flaw allows read-only connections to adjust the time that libvirt waits for the QEMU guest agent to respond to agent commands. Depending on the timeout value that is set, this fl...

6.5CVSS6.2AI score0.0025EPSS

CVE•added 2021/05/24 12:15 p.m.•69 views

CVE-2021-3559

A flaw was found in libvirt in the virConnectListAllNodeDevices API in versions before 7.0.0. It only affects hosts with a PCI device and driver that supports mediated devices (e.g., GRID driver). This flaw could be used by an unprivileged client with a read-only connection to crash the libvirt dae...

6.5CVSS6.4AI score0.00368EPSS