VDB
GHSA-qv98-3369-g364
GHSA-qv98-3369-g364
PUBLISHED
CVSS 9.300000190734863 CRITICAL
KubeVirt vulnerable to arbitrary file read on host
Risk Scores
CVSS v4.0
9.300000190734863
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| kubevirt.io | kubevirt | 0.20.0, 0.20.0, 0.20.0 |
| kubevirt.io | kubevirt | 0.20.0, 0.20.0 |
Timeline
- Sep 15, 2022 CVE Published
References
- https://github.com/google/security-research/security/advisories/GHSA-cvx8-ppmc-78hm url
- https://github.com/kubevirt/kubevirt/security/advisories/GHSA-qv98-3369-g364 url
- https://github.com/kubevirt/kubevirt product
- GitHub Advisory GHSA-qv98-3369-g364 vendor-advisory
- https://github.com/kubevirt/kubevirt/pull/8198 url
- https://github.com/kubevirt/kubevirt/pull/8268 url