Moderate severityNVD Advisory· Published May 2, 2024· Updated Aug 2, 2024
CVE-2024-33394
CVE-2024-33394
Description
An issue in kubevirt kubevirt v1.2.0 and before allows a local attacker to execute arbitrary code via a crafted command to get the token component.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
kubevirt.io/kubevirtGo | <= 1.2.0 | — |
Affected products
46- osv-coords45 versionspkg:apk/chainguard/docker-machine-driver-harvesterpkg:apk/chainguard/virt-api-1.6pkg:apk/chainguard/virt-api-1.7pkg:apk/chainguard/virt-api-1.8pkg:apk/chainguard/virt-api-fips-1.6pkg:apk/chainguard/virt-api-fips-1.7pkg:apk/chainguard/virt-api-fips-1.8pkg:apk/chainguard/virt-chroot-1.6pkg:apk/chainguard/virt-chroot-1.7pkg:apk/chainguard/virt-chroot-1.8pkg:apk/chainguard/virt-chroot-fips-1.6pkg:apk/chainguard/virt-chroot-fips-1.7pkg:apk/chainguard/virt-chroot-fips-1.8pkg:apk/chainguard/virt-controller-1.6pkg:apk/chainguard/virt-controller-1.7pkg:apk/chainguard/virt-controller-1.8pkg:apk/chainguard/virt-controller-fips-1.6pkg:apk/chainguard/virt-controller-fips-1.7pkg:apk/chainguard/virt-controller-fips-1.8pkg:apk/chainguard/virt-handler-1.6pkg:apk/chainguard/virt-handler-1.7pkg:apk/chainguard/virt-handler-1.8pkg:apk/chainguard/virt-handler-fips-1.6pkg:apk/chainguard/virt-handler-fips-1.7pkg:apk/chainguard/virt-handler-fips-1.8pkg:apk/chainguard/virt-launcher-1.6pkg:apk/chainguard/virt-launcher-1.6-virt-freezerpkg:apk/chainguard/virt-launcher-1.6-virt-launcher-monitorpkg:apk/chainguard/virt-launcher-1.6-virt-probepkg:apk/chainguard/virt-launcher-1.6-virt-tailpkg:apk/chainguard/virt-operator-1.7pkg:apk/chainguard/virt-operator-1.8pkg:apk/chainguard/virt-operator-fips-1.6pkg:apk/chainguard/virt-operator-fips-1.7pkg:apk/chainguard/virt-operator-fips-1.8pkg:apk/wolfi/docker-machine-driver-harvesterpkg:golang/kubevirt.io/kubevirtpkg:rpm/opensuse/kubevirt-1.8&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/kubevirt1.8&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/kubevirt&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/kubevirt&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/kubevirt&distro=openSUSE%20Tumbleweedpkg:rpm/suse/kubevirt&distro=SUSE%20Linux%20Enterprise%20Micro%205.5pkg:rpm/suse/kubevirt&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Containers%2015%20SP5pkg:rpm/suse/kubevirt&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Containers%2015%20SP6
< 0+ 44 more
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 1.6.6-r2
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 1.6.6-r3
- (no CPE)range: < 1.6.6-r3
- (no CPE)range: < 1.6.6-r3
- (no CPE)range: < 1.6.6-r3
- (no CPE)range: < 1.6.6-r3
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 1.6.6-r2
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: <= 1.2.0
- (no CPE)range: < 1.8.3-1.1
- (no CPE)range: < 1.8.3-1.1
- (no CPE)range: < 1.1.1-150500.8.18.1
- (no CPE)range: < 1.1.1-150600.5.3.2
- (no CPE)range: < 1.2.2-2.1
- (no CPE)range: < 1.1.1-150500.8.18.1
- (no CPE)range: < 1.1.1-150500.8.18.1
- (no CPE)range: < 1.1.1-150600.5.3.2
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.