Oval Definition:	oval:org.opensuse.security:def:20221798
Revision Date: 2023-06-22 Version: 1 Title: CVE-2022-1798 Description: A path traversal vulnerability in KubeVirt versions up to 0.56 (and 0.55.1) on all platforms allows a user able to configure the kubevirt to read arbitrary files on the host filesystem which are publicly readable or which are readable for UID 107 or GID 107. /proc/self/<> is not accessible. Family: unix Class: vulnerability Status: Reference(s): Mitre CVE-2022-1798 SUSE CVE-2022-1798 SUSE-SU-2022:3321-1 SUSE-SU-2022:3333-1 Platform(s): SUSE Linux Enterprise High Performance Computing 15 SP5 SUSE Linux Enterprise Micro 5.3 SUSE Linux Enterprise Module for Containers 15 SP5 SUSE Linux Enterprise Server 15 SP5 SUSE Linux Enterprise Server for SAP Applications 15 SP2 SUSE Linux Enterprise Server for SAP Applications 15 SP5 Product(s): Definition Synopsis SUSE Linux Enterprise Micro 5.3 is installed AND Package Information kubevirt-manifests is affected OR kubevirt-virtctl is affected Definition Synopsis SUSE Linux Enterprise Server for SAP Applications 15 SP2 is installed AND Package Information kubevirt-manifests is affected OR kubevirt-virtctl is affected Definition Synopsis Release Information SUSE Linux Enterprise High Performance Computing 15 SP5 is installed OR SUSE Linux Enterprise Module for Containers 15 SP5 is installed OR SUSE Linux Enterprise Server 15 SP5 is installed OR SUSE Linux Enterprise Server for SAP Applications 15 SP5 is installed AND Package Information kubevirt-manifests-0.58.0-150500.6.3 is installed OR kubevirt-virtctl-0.58.0-150500.6.3 is installed
BACK