Vdsm
Monthly
A race condition was found in vdsm. Rated medium severity (CVSS 4.7).
A vulnerability was discovered in vdsm, version 4.19 through 4.30.3 and 4.30.5 through 4.30.8. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. This Incorrect Authorization vulnerability could allow attackers to bypass authorization checks to access restricted resources.
It was found that vdsm before version 4.20.37 invokes qemu-img on untrusted inputs without limiting resources. Rated medium severity (CVSS 6.3), this vulnerability is no authentication required, low attack complexity.
A race condition was found in vdsm. Rated medium severity (CVSS 4.7).
A vulnerability was discovered in vdsm, version 4.19 through 4.30.3 and 4.30.5 through 4.30.8. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. This Incorrect Authorization vulnerability could allow attackers to bypass authorization checks to access restricted resources.
It was found that vdsm before version 4.20.37 invokes qemu-img on untrusted inputs without limiting resources. Rated medium severity (CVSS 6.3), this vulnerability is no authentication required, low attack complexity.