Filtered by vendor Ovirt
Subscriptions
Filtered by product Vdsm
Subscriptions
Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2012-5518 | 1 Ovirt | 1 Vdsm | 2024-08-06 | 7.5 High |
| vdsm: certificate generation upon node creation allowing vdsm to start and serve requests from anyone who has a matching key (and certificate) | ||||
| CVE-2018-10908 | 2 Ovirt, Redhat | 3 Vdsm, Enterprise Linux, Virtualization | 2024-08-05 | N/A |
| It was found that vdsm before version 4.20.37 invokes qemu-img on untrusted inputs without limiting resources. By uploading a specially crafted image, an attacker could cause the qemu-img process to consume unbounded amounts of memory of CPU time, causing a denial of service condition that could potentially impact other users of the host. | ||||
| CVE-2019-3831 | 2 Ovirt, Redhat | 4 Vdsm, Enterprise Linux, Gluster Storage and 1 more | 2024-08-04 | 6.7 Medium |
| A vulnerability was discovered in vdsm, version 4.19 through 4.30.3 and 4.30.5 through 4.30.8. The systemd_run function exposed to the vdsm system user could be abused to execute arbitrary commands as root. | ||||
| CVE-2022-0207 | 2 Ovirt, Redhat | 6 Vdsm, Enterprise Linux, Rhev Hypervisor and 3 more | 2024-08-02 | 4.7 Medium |
| A race condition was found in vdsm. Functionality to obfuscate sensitive values in log files that may lead to values being stored in clear text. | ||||
Page 1 of 1.