rpm package
almalinux/libvirt-ssh-proxy
pkg:rpm/almalinux/libvirt-ssh-proxy
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-12748 | Med | 5.5 | < 11.10.0-12.el10_2.alma.1 | 11.10.0-12.el10_2.alma.1 | Nov 11, 2025 | A flaw was discovered in libvirt in the XML file processing. More specifically, the parsing of user provided XML files was performed before the ACL checks. A malicious user with limited permissions could exploit this flaw by submitting a specially crafted XML file, causing libvir | |
| CVE-2024-8235 | — | < 10.5.0-7.el9_5.alma.1 | 10.5.0-7.el9_5.alma.1 | Aug 30, 2024 | A flaw was found in libvirt. A refactor of the code fetching the list of interfaces for multiple APIs introduced a corner case on platforms where allocating 0 bytes of memory results in a NULL pointer. This corner case would lead to a NULL-pointer dereference and subsequent crash |
- affected < 11.10.0-12.el10_2.alma.1fixed 11.10.0-12.el10_2.alma.1
A flaw was discovered in libvirt in the XML file processing. More specifically, the parsing of user provided XML files was performed before the ACL checks. A malicious user with limited permissions could exploit this flaw by submitting a specially crafted XML file, causing libvir
- CVE-2024-8235Aug 30, 2024affected < 10.5.0-7.el9_5.alma.1fixed 10.5.0-7.el9_5.alma.1
A flaw was found in libvirt. A refactor of the code fetching the list of interfaces for multiple APIs introduced a corner case on platforms where allocating 0 bytes of memory results in a NULL pointer. This corner case would lead to a NULL-pointer dereference and subsequent crash