{"id":"GO-2022-1000","summary":"KubeVirt vulnerable to arbitrary file read on host in kubevirt.io/kubevirt","details":"KubeVirt vulnerable to arbitrary file read on host in kubevirt.io/kubevirt","aliases":["GHSA-qv98-3369-g364"],"modified":"2026-03-17T04:29:09.245714Z","published":"2024-08-21T16:03:24Z","database_specific":{"url":"https://pkg.go.dev/vuln/GO-2022-1000","review_status":"UNREVIEWED"},"references":[{"type":"ADVISORY","url":"https://github.com/kubevirt/kubevirt/security/advisories/GHSA-qv98-3369-g364"},{"type":"WEB","url":"https://github.com/google/security-research/security/advisories/GHSA-cvx8-ppmc-78hm"},{"type":"WEB","url":"https://github.com/kubevirt/kubevirt/pull/8198"},{"type":"WEB","url":"https://github.com/kubevirt/kubevirt/pull/8268"}],"affected":[{"package":{"name":"kubevirt.io/kubevirt","ecosystem":"Go","purl":"pkg:golang/kubevirt.io/kubevirt"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0.20.0"},{"fixed":"0.55.1"}]}],"ecosystem_specific":{},"database_specific":{"source":"https://vuln.go.dev/ID/GO-2022-1000.json"}}],"schema_version":"1.7.5"}