kubevirt (SUSE:Linux Enterprise Server 16.0) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Server 16.0 package kubevirt, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (8)
CVE-2025-64324 — CVSS 7.7 (high): KubeVirt is a virtual machine management add-on for Kubernetes. The `hostDisk` feature in KubeVirt allows mounting a host file or directory…
CVE-2025-64433 — CVSS 6.5 (medium): KubeVirt is a virtual machine management add-on for Kubernetes. Prior to 1.5.3 and 1.6.1, a vulnerability was discovered that allows a VM…
CVE-2025-22872 — CVSS 6.5 (medium): The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When…
CVE-2025-64435 — CVSS 5.3 (medium): KubeVirt is a virtual machine management add-on for Kubernetes. Prior to 1.7.0-beta.0, a logic flaw in the virt-controller allows an…
CVE-2025-64437 — CVSS 5.0 (medium): KubeVirt is a virtual machine management add-on for Kubernetes. In versions before 1.5.3 and 1.6.1, the virt-handler does not verify…
CVE-2025-64434 — CVSS 4.7 (medium): KubeVirt is a virtual machine management add-on for Kubernetes. Prior to 1.5.3 and 1.6.1, due to the peer verification logic in…
CVE-2025-64432 — CVSS 4.7 (medium): KubeVirt is a virtual machine management add-on for Kubernetes. Versions 1.5.3 and below, and 1.6.0 contained a flawed implementation of…
CVE-2024-45310 — CVSS 3.6 (low): runc is a CLI tool for spawning and running containers according to the OCI specification. runc 1.1.13 and earlier, as well as 1.2.0-rc2…