VYPR
Moderate severityNVD Advisory· Published Sep 15, 2022· Updated Apr 21, 2025

Path Traversal vulnerability in Kubevirt

CVE-2022-1798

Description

A path traversal vulnerability in KubeVirt versions up to 0.56 (and 0.55.1) on all platforms allows a user able to configure the kubevirt to read arbitrary files on the host filesystem which are publicly readable or which are readable for UID 107 or GID 107. /proc/self/<> is not accessible.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
kubevirt.io/kubevirtGo
>= 0.20.0, < 0.55.10.55.1

Affected products

6

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.