VYPR

apk package

chainguard/virt-launcher-1.6

pkg:apk/chainguard/virt-launcher-1.6

Vulnerabilities (8)

  • CVE-2026-6383MedApr 15, 2026
    affected < 1.6.6-r3fixed 1.6.6-r3

    A flaw was found in KubeVirt's Role-Based Access Control (RBAC) evaluation logic. The authorization mechanism improperly truncates subresource names, leading to incorrect permission evaluations. This allows authenticated users with specific custom roles to gain unauthorized acces

  • CVE-2025-14525MedJan 26, 2026
    affected < 1.6.6-r3fixed 1.6.6-r3

    A flaw was found in kubevirt. A user within a virtual machine (VM), if the guest agent is active, can exploit this by causing the agent to report an excessive number of network interfaces. This action can overwhelm the system's ability to store VM configuration updates, effective

  • CVE-2025-64436Nov 7, 2025
    affected < 1.6.6-r3fixed 1.6.6-r3

    KubeVirt is a virtual machine management add-on for Kubernetes. In 1.5.0 and earlier, the permissions granted to the virt-handler service account, such as the ability to update VMI and patch nodes, could be abused to force a VMI migration to an attacker-controlled node. This vuln

  • CVE-2025-64435Nov 7, 2025
    affected < 1.6.6-r3fixed 1.6.6-r3

    KubeVirt is a virtual machine management add-on for Kubernetes. Prior to 1.7.0-beta.0, a logic flaw in the virt-controller allows an attacker to disrupt the control over a running VMI by creating a pod with the same labels as the legitimate virt-launcher pod associated with the V

  • CVE-2025-64432Nov 7, 2025
    affected < 1.6.6-r3fixed 1.6.6-r3

    KubeVirt is a virtual machine management add-on for Kubernetes. Versions 1.5.3 and below, and 1.6.0 contained a flawed implementation of the Kubernetes aggregation layer's authentication flow which could enable bypass of RBAC controls. It was discovered that the virt-api componen

  • CVE-2025-52881Nov 6, 2025
    affected < 1.6.6-r2fixed 1.6.6-r2

    runc is a CLI tool for spawning and running containers according to the OCI specification. In versions 1.2.7, 1.3.2 and 1.4.0-rc.2, an attacker can trick runc into misdirecting writes to /proc to other procfs files through the use of a racing container with shared mounts (we have

  • CVE-2025-52565Nov 6, 2025
    affected < 0fixed 0

    runc is a CLI tool for spawning and running containers according to the OCI specification. Versions 1.0.0-rc3 through 1.2.7, 1.3.0-rc.1 through 1.3.2, and 1.4.0-rc.1 through 1.4.0-rc.2, due to insufficient checks when bind-mounting `/dev/pts/$n` to `/dev/console` inside the conta

  • CVE-2024-33394May 2, 2024
    affected < 1.6.6-r3fixed 1.6.6-r3

    An issue in kubevirt kubevirt v1.2.0 and before allows a local attacker to execute arbitrary code via a crafted command to get the token component.