Lucene search
K
RedhatOpenshift Virtualization

11 matches found

CVE
CVE
added 2023/10/10 12:0 a.m.5298 views

CVE-2023-44487

CVE-2023-44487 – HTTP/2 Rapid Reset DoS Root cause: HTTP/2 stream resets can cause servers to continue processing, leading to unbounded resource consumption and potential DoS when clients rapidly cancel streams. What’s affected: Various HTTP/2 implementations and deployments, including servers, p...

7.5CVSS8AI score0.99999EPSS
In wildWeb
CVE
CVE
added 2023/12/18 12:0 a.m.4887 views

CVE-2023-48795

CVE-2023-48795 is referenced across several connected advisories, detailing affected packages and required upgrades. Astra Linux/CBL-Mariner entries note: podman (<5.6.1-2) needs upgrade, erlang (<25.2-1), libssh2 (<1.11.1-1), libssh (<0.10.6-1), terraform (<1.3.2-25), kubevirt (&l...

5.9CVSS6.7AI score0.9378EPSS
CVE
CVE
added 2020/07/29 6:48 p.m.75 views

CVE-2020-14316

CVE-2020-14316 – mode C Affected software: kubevirt (VMIs) prior to 0.29.0. Root cause: insufficient isolation controls between VMIs and host, enabling a VM process to access the host filesystem. Impact: attacker can gain the privileges of the VM on the host, potentially reading and modifying any...

9.9CVSS9.3AI score0.01576EPSS
CVE
CVE
added 2021/06/07 7:52 p.m.70 views

CVE-2020-1742

CVE-2020-1742 targets containers using nmstate/kubernetes-nmstate-handler with an insecure modification vulnerability that allows an attacker with container access to modify /etc/passwd and escalate privileges. Connected guidance confirms affected image: kubernetes-nmstate-handler-container-v2.3....

7CVSS7AI score0.00256EPSS
CVE
CVE
added 2026/06/25 11:23 p.m.19 views

CVE-2026-13218

CVE-2026-13218 : In KubeVirt, the virt-handler network cache handling allows a symlink attack via WriteToCachedFile, which writes to a launcher-rooted path with os.WriteFile and os.Chown. A user inside the virt-launcher container can place a symlink at the cache path, causing virt-handler to foll...

4.2CVSS5.9AI score0.00105EPSS
CVE
CVE
added 2026/06/25 11:23 p.m.16 views

CVE-2026-13318

KubeVirt exposes an SSRF in virt-api port-forward: when handling a port-forward to a VirtualMachineInstance, virt-api reads vmi.Status.Interfaces[0].IP and dials it without validation. For VMIs using non-masquerade networks (bridge or secondary-only), this IP is supplied by the in-guest QEMU agen...

6.4CVSS6AI score0.00164EPSS
CVE
CVE
added 2026/06/26 10:41 a.m.15 views

CVE-2026-13325

The CVE-2026-13325 issue affects KubeVirt’s migration proxy. When spec.configuration.migrations.disableTLS is set to true, the target virt-handler binds a plain TCP listener on all interfaces (0.0.0.0/::) on a random port with no authentication, peer allow-list, or handshake token. This listener ...

8.5CVSS5.8AI score0.00172EPSS
CVE
CVE
added 2026/06/26 12:4 a.m.14 views

CVE-2026-13322

CVE-2026-13322 affects KubeVirt, specifically the virt-handler on RHEL9, where the downward metrics virtio-serial server uses textproto.Reader.ReadLine() to read guest requests. The read is unbounded: there is no maximum length or read deadline, so a user with access to a VM guest can send an ong...

3.8CVSS5.8AI score0.00098EPSS
CVE
CVE
added 2026/06/26 4:0 p.m.11 views

CVE-2026-13434

CVE-2026-13434 affects KubeVirt’s network annotation generator used when provisioning VirtualMachineInstance with Multus networks. The flaw writes the supplied networkName verbatim into the v1.multus-cni.io/default-network annotation without format validation or sanitization, with only an empty-s...

4.9CVSS5.9AI score0.00153EPSS
CVE
CVE
added 2026/06/24 8:39 p.m.10 views

CVE-2026-13208

CVE-2026-13208 describes a flaw in KubeVirt where virt-handler’s domain notify server trusts VMI identity from the unvalidated request body. The gRPC handlers for HandleDomainEvent and HandleK8SEvent derive the VMI (namespace/name) solely from the request payload, with no identity validation agai...

6.5CVSS5.8AI score0.00094EPSS
CVE
CVE
added 2026/06/24 8:39 p.m.7 views

CVE-2026-13201

CVE-2026-13201 concerns KubeVirt’s safepath package, where OpenAtNoFollow uses O_PATH|O_NOFOLLOW to obtain a descriptor for a path leaf, but downstream helpers access paths via /proc/self/fd/N. If the leaf is a symlink, the kernel dereferences it, bypassing intended no-follow protection. An attac...

7.3CVSS6AI score0.00124EPSS