Kubevirt

Kubevirt

19 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.16%
  • Veröffentlicht 26.06.2026 16:00:43
  • Zuletzt bearbeitet 06.07.2026 17:51:23

A flaw was found in KubeVirt's network annotation generator. When a tenant creates a VirtualMachineInstance with a Multus network configuration, the supplied networkName value is written verbatim into the launcher pod's v1.multus-cni.io/default-netwo...

  • EPSS 0.18%
  • Veröffentlicht 26.06.2026 10:41:01
  • Zuletzt bearbeitet 06.07.2026 17:51:25

A flaw was found in KubeVirt's migration proxy. When spec.configuration.migrations.disableTLS is set to true on the KubeVirt custom resource, the target virt-handler binds a plain TCP listener on all interfaces (0.0.0.0/::) on a random port with no a...

  • EPSS 0.09%
  • Veröffentlicht 26.06.2026 00:04:07
  • Zuletzt bearbeitet 06.07.2026 17:25:39

A flaw was found in KubeVirt's downward metrics virtio-serial server. The server reads guest requests using textproto.Reader.ReadLine(), which buffers input indefinitely until a newline character is received, with no length limit or read deadline. A ...

  • EPSS 0.15%
  • Veröffentlicht 25.06.2026 23:23:38
  • Zuletzt bearbeitet 06.07.2026 17:45:33

A server-side request forgery (SSRF) flaw was found in KubeVirt's virt-api port-forward handler. When processing a port-forward request to a VirtualMachineInstance (VMI), virt-api reads the target IP from vmi.Status.Interfaces[0].IP and passes it dir...

  • EPSS 0.11%
  • Veröffentlicht 25.06.2026 23:23:23
  • Zuletzt bearbeitet 06.07.2026 17:46:14

A flaw was found in KubeVirt's virt-handler network cache handling. The WriteToCachedFile function writes data to a launcher-rooted path using os.WriteFile and os.Chown without symlink protection. A user with access to the virt-launcher container can...

  • EPSS 0.09%
  • Veröffentlicht 24.06.2026 21:16:52
  • Zuletzt bearbeitet 06.07.2026 17:51:17

A flaw was found in KubeVirt's virt-handler domain notify server. The gRPC handlers for HandleDomainEvent and HandleK8SEvent derive the VMI identity (namespace/name) solely from the request body without validating it against the connection's origin. ...

  • EPSS 0.12%
  • Veröffentlicht 24.06.2026 21:16:52
  • Zuletzt bearbeitet 06.07.2026 17:51:20

A flaw was found in KubeVirt's safepath package used by virt-handler. The OpenAtNoFollow function uses O_PATH|O_NOFOLLOW to obtain a file descriptor to a path leaf, but downstream operations resolve the path via /proc/self/fd/N using link-following s...

Exploit
  • EPSS 0.21%
  • Veröffentlicht 18.11.2025 22:10:19
  • Zuletzt bearbeitet 25.11.2025 17:16:59

KubeVirt is a virtual machine management add-on for Kubernetes. The `hostDisk` feature in KubeVirt allows mounting a host file or directory owned by the user with UID 107 into a VM. However, prior to version 1.6.1 and 1.7.0, the implementation of thi...

Exploit
  • EPSS 0.48%
  • Veröffentlicht 07.11.2025 23:07:31
  • Zuletzt bearbeitet 25.11.2025 16:49:00

KubeVirt is a virtual machine management add-on for Kubernetes. Prior to 1.5.3 and 1.6.1, a vulnerability was discovered that allows a VM to read arbitrary files from the virt-launcher pod's file system. This issue stems from improper symlink handlin...

Exploit
  • EPSS 0.21%
  • Veröffentlicht 07.11.2025 23:04:10
  • Zuletzt bearbeitet 25.11.2025 17:16:45

KubeVirt is a virtual machine management add-on for Kubernetes. In versions before 1.5.3 and 1.6.1, the virt-handler does not verify whether the launcher-sock is a symlink or a regular file. This oversight can be exploited, for example, to change the...