Skip to main content

Containerized Data Importer

2 CVEs product

Monthly

CVE-2019-10175 MEDIUM This Month

A flaw was found in the containerized-data-importer in virt-cdi-cloner, version 1.4, where the host-assisted cloning feature does not determine whether the requesting user has permission to access. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Containerized Data Importer
NVD
CVSS 3.1
6.5
EPSS
1.0%
CVE-2019-3841 MEDIUM POC This Month

Kubevirt/virt-cdi-importer, versions 1.4.0 to 1.5.3 inclusive, were reported to disable TLS certificate validation when importing data into PVCs from container registries. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Information Disclosure Containerized Data Importer
NVD GitHub
CVSS 3.0
6.8
EPSS
0.5%
EPSS 1% CVSS 6.5
MEDIUM This Month

A flaw was found in the containerized-data-importer in virt-cdi-cloner, version 1.4, where the host-assisted cloning feature does not determine whether the requesting user has permission to access. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Containerized Data Importer
NVD
EPSS 1% CVSS 6.8
MEDIUM POC This Month

Kubevirt/virt-cdi-importer, versions 1.4.0 to 1.5.3 inclusive, were reported to disable TLS certificate validation when importing data into PVCs from container registries. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Information Disclosure Containerized Data Importer
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy