📦 KubeVirt

by KubeVirt

🛡️ Security Overview

⚠️ Known Vulnerabilities

CVE-2025-64324

HIGH CVSS 7.7 Nov 18, 2025

A logic bug in KubeVirt's hostDisk feature allows attackers to read and write arbitrary files owned by privileged users on the host system. This affects KubeVirt versions before 1.6.1 and 1.7.0 when u...

CVE-2023-26484

HIGH CVSS 8.2 Mar 15, 2023

This vulnerability in KubeVirt allows a compromised Kubernetes node to use the virt-handler service account to modify other node specifications, potentially leading to cluster-wide privilege escalatio...

CVE-2025-64436

MEDIUM CVSS 5.3 Nov 7, 2025

This vulnerability in KubeVirt allows attackers with access to the virt-handler service account to force VM migrations to compromised nodes or mark all nodes as unschedulable. This affects KubeVirt de...

CVE-2025-64437

MEDIUM CVSS 5.0 Nov 7, 2025

This CVE allows attackers who control the virt-launcher pod filesystem to change ownership of arbitrary host node files to the unprivileged UID 107 user, compromising data confidentiality, integrity, ...

CVE-2025-64433

MEDIUM CVSS 6.5 Nov 7, 2025

This vulnerability in KubeVirt allows a malicious user with control over a PersistentVolumeClaim (PVC) to read arbitrary files from the virt-launcher pod's file system. Attackers can exploit improper ...

CVE-2025-64434

MEDIUM CVSS 4.7 Nov 7, 2025

This vulnerability in KubeVirt allows an attacker who compromises a virt-handler instance to impersonate virt-api using shared credentials, enabling privileged operations against other virt-handler in...

CVE-2025-64435

MEDIUM CVSS 5.3 Nov 7, 2025

This vulnerability in KubeVirt allows attackers to disrupt virtual machine control by creating malicious pods with matching labels. Attackers can cause denial-of-service by misleading the virt-control...

CVE-2025-64432

MEDIUM CVSS 4.7 Nov 7, 2025

This vulnerability in KubeVirt allows attackers to bypass RBAC controls by exploiting a flawed mTLS authentication implementation in the virt-api component. Attackers can impersonate the Kubernetes AP...