Security Advisory

CVE-2022-1798

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-09-15 15:45:12

Last updated 2025-04-21 13:49:58

Assigner Google

State PUBLISHED

Description

A path traversal vulnerability in KubeVirt versions up to 0.56 (and 0.55.1) on all platforms allows a user able to configure the kubevirt to read arbitrary files on the host filesystem which are publicly readable or which are readable for UID 107 or GID 107. /proc/self/<> is not accessible.

← Browse all CVEs View on cve.org ↗