CVE-2024-33394

Description

kubevirt allows a local attacker to execute arbitrary code via a crafted command in kubevirt.io/kubevirt

Affected packages (2)

• Go/kubevirt.io/kubevirtfrom 0, <= 1.2.0
• Go/kubevirt.io/kubevirtfrom 0

CVSS scores

References (4)

• ADVISORYhttps://github.com/advisories/GHSA-4q63-mr2m-57hf
• ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2024-33394
• PATCHhttps://github.com/kubevirt/kubevirt
• WEBhttps://gist.github.com/HouqiyuA/1b75e23ece7ad98490aec1c887bdf49b