rpm package
opensuse/kubevirt&distro=openSUSE Leap 15.3
pkg:rpm/opensuse/kubevirt&distro=openSUSE%20Leap%2015.3
Vulnerabilities (4)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-1798 | — | < 0.49.0-150300.8.13.1 | 0.49.0-150300.8.13.1 | Sep 15, 2022 | A path traversal vulnerability in KubeVirt versions up to 0.56 (and 0.55.1) on all platforms allows a user able to configure the kubevirt to read arbitrary files on the host filesystem which are publicly readable or which are readable for UID 107 or GID 107. /proc/self/<> is not | ||
| CVE-2021-43565 | — | < 0.45.0-8.7.1 | 0.45.0-8.7.1 | Sep 6, 2022 | The x/crypto/ssh package before 0.0.0-20211202192323-5770296d904e of golang.org/x/crypto allows an attacker to panic an SSH server. | ||
| CVE-2022-1996 | — | < 0.49.0-150300.8.13.1 | 0.49.0-150300.8.13.1 | Jun 6, 2022 | Authorization Bypass Through User-Controlled Key in GitHub repository emicklei/go-restful prior to v3.8.0. | ||
| CVE-2022-29162 | — | < 0.49.0-150300.8.13.1 | 0.49.0-150300.8.13.1 | May 17, 2022 | runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. A bug was found in runc prior to version 1.1.2 where `runc exec --cap` created processes with non-empty inheritable Linux process capabilities, creating an atypical Linux environme |
- CVE-2022-1798Sep 15, 2022affected < 0.49.0-150300.8.13.1fixed 0.49.0-150300.8.13.1
A path traversal vulnerability in KubeVirt versions up to 0.56 (and 0.55.1) on all platforms allows a user able to configure the kubevirt to read arbitrary files on the host filesystem which are publicly readable or which are readable for UID 107 or GID 107. /proc/self/<> is not
- CVE-2021-43565Sep 6, 2022affected < 0.45.0-8.7.1fixed 0.45.0-8.7.1
The x/crypto/ssh package before 0.0.0-20211202192323-5770296d904e of golang.org/x/crypto allows an attacker to panic an SSH server.
- CVE-2022-1996Jun 6, 2022affected < 0.49.0-150300.8.13.1fixed 0.49.0-150300.8.13.1
Authorization Bypass Through User-Controlled Key in GitHub repository emicklei/go-restful prior to v3.8.0.
- CVE-2022-29162May 17, 2022affected < 0.49.0-150300.8.13.1fixed 0.49.0-150300.8.13.1
runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. A bug was found in runc prior to version 1.1.2 where `runc exec --cap` created processes with non-empty inheritable Linux process capabilities, creating an atypical Linux environme