rpm package
suse/kubevirt&distro=SUSE Linux Enterprise Module for Containers 15 SP4
pkg:rpm/suse/kubevirt&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Containers%2015%20SP4
Vulnerabilities (4)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-26484 | — | < 0.54.0-150400.3.13.1 | 0.54.0-150400.3.13.1 | Mar 15, 2023 | KubeVirt is a virtual machine management add-on for Kubernetes. In versions 0.59.0 and prior, if a malicious user has taken over a Kubernetes node where virt-handler (the KubeVirt node-daemon) is running, the virt-handler service account can be used to modify all node specs. This | ||
| CVE-2022-1798 | — | < 0.54.0-150400.3.3.2 | 0.54.0-150400.3.3.2 | Sep 15, 2022 | A path traversal vulnerability in KubeVirt versions up to 0.56 (and 0.55.1) on all platforms allows a user able to configure the kubevirt to read arbitrary files on the host filesystem which are publicly readable or which are readable for UID 107 or GID 107. /proc/self/<> is not | ||
| CVE-2022-1996 | — | < 0.54.0-150400.3.3.2 | 0.54.0-150400.3.3.2 | Jun 6, 2022 | Authorization Bypass Through User-Controlled Key in GitHub repository emicklei/go-restful prior to v3.8.0. | ||
| CVE-2022-29162 | — | < 0.54.0-150400.3.3.2 | 0.54.0-150400.3.3.2 | May 17, 2022 | runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. A bug was found in runc prior to version 1.1.2 where `runc exec --cap` created processes with non-empty inheritable Linux process capabilities, creating an atypical Linux environme |
- CVE-2023-26484Mar 15, 2023affected < 0.54.0-150400.3.13.1fixed 0.54.0-150400.3.13.1
KubeVirt is a virtual machine management add-on for Kubernetes. In versions 0.59.0 and prior, if a malicious user has taken over a Kubernetes node where virt-handler (the KubeVirt node-daemon) is running, the virt-handler service account can be used to modify all node specs. This
- CVE-2022-1798Sep 15, 2022affected < 0.54.0-150400.3.3.2fixed 0.54.0-150400.3.3.2
A path traversal vulnerability in KubeVirt versions up to 0.56 (and 0.55.1) on all platforms allows a user able to configure the kubevirt to read arbitrary files on the host filesystem which are publicly readable or which are readable for UID 107 or GID 107. /proc/self/<> is not
- CVE-2022-1996Jun 6, 2022affected < 0.54.0-150400.3.3.2fixed 0.54.0-150400.3.3.2
Authorization Bypass Through User-Controlled Key in GitHub repository emicklei/go-restful prior to v3.8.0.
- CVE-2022-29162May 17, 2022affected < 0.54.0-150400.3.3.2fixed 0.54.0-150400.3.3.2
runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. A bug was found in runc prior to version 1.1.2 where `runc exec --cap` created processes with non-empty inheritable Linux process capabilities, creating an atypical Linux environme