github.com/kubevirt/kubevirt is vulnerable to sensitive information disclosure. An attacker with the access to create VMs is able to attach any secret within their namespace and allow them to read the contents of that secret.
CPE | Name | Operator | Version |
---|---|---|---|
github.com/kubevirt/kubevirt/ | eq | HEAD | |
github.com/kubevirt/kubevirt/ | le | 0.25.0 |