Ovirt Vdsm
By the Year
In 2022 there have been 0 vulnerabilities in Ovirt Vdsm . Vdsm did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2022 | 0 | 0.00 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 1 | 7.20 |
| 2018 | 1 | 6.30 |
It may take a day or so for new Vdsm vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Ovirt Vdsm Security Vulnerabilities
A vulnerability was discovered in vdsm, version 4.19 through 4.30.3 and 4.30.5 through 4.30.8
CVE-2019-3831
7.2 - High
- March 25, 2019
A vulnerability was discovered in vdsm, version 4.19 through 4.30.3 and 4.30.5 through 4.30.8. The systemd_run function exposed to the vdsm system user could be abused to execute arbitrary commands as root.
Command Injection
It was found that vdsm before version 4.20.37 invokes qemu-img on untrusted inputs without limiting resources
CVE-2018-10908
6.3 - Medium
- August 09, 2018
It was found that vdsm before version 4.20.37 invokes qemu-img on untrusted inputs without limiting resources. By uploading a specially crafted image, an attacker could cause the qemu-img process to consume unbounded amounts of memory of CPU time, causing a denial of service condition that could potentially impact other users of the host.
Allocation of Resources Without Limits or Throttling
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Red Hat Virtualization or by Ovirt? Click the Watch button to subscribe.
