Filtered by vendor Ovirt
Subscriptions
Filtered by product Vdsm
Subscriptions
Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-0207 | 2 Ovirt, Redhat | 5 Vdsm, Enterprise Linux, Virtualization and 2 more | 2023-02-12 | 4.7 Medium |
| A race condition was found in vdsm. Functionality to obfuscate sensitive values in log files that may lead to values being stored in clear text. | ||||
| CVE-2019-3831 | 2 Ovirt, Redhat | 2 Vdsm, Gluster Storage | 2020-10-19 | 6.7 Medium |
| A vulnerability was discovered in vdsm, version 4.19 through 4.30.3 and 4.30.5 through 4.30.8. The systemd_run function exposed to the vdsm system user could be abused to execute arbitrary commands as root. | ||||
| CVE-2012-5518 | 1 Ovirt | 1 Vdsm | 2019-12-09 | 7.5 High |
| vdsm: certificate generation upon node creation allowing vdsm to start and serve requests from anyone who has a matching key (and certificate) | ||||
| CVE-2018-10908 | 2 Ovirt, Redhat | 2 Vdsm, Virtualization | 2019-10-09 | N/A |
| It was found that vdsm before version 4.20.37 invokes qemu-img on untrusted inputs without limiting resources. By uploading a specially crafted image, an attacker could cause the qemu-img process to consume unbounded amounts of memory of CPU time, causing a denial of service condition that could potentially impact other users of the host. | ||||
Page 1 of 1.