Filtered by vendor Kubevirt
Subscriptions
Filtered by product Containerized Data Importer
Subscriptions
Total
1 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-3841 | 1 Kubevirt | 1 Containerized Data Importer | 2024-11-21 | N/A |
| Kubevirt/virt-cdi-importer, versions 1.4.0 to 1.5.3 inclusive, were reported to disable TLS certificate validation when importing data into PVCs from container registries. This could enable man-in-the-middle attacks between a container registry and the virt-cdi-component, leading to possible undetected tampering of trusted container image content. | ||||
Page 1 of 1.