Every CVE whose affected-product data names Ovirt Vdsm, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2012-5518 — CVSS 7.5 (high): vdsm: certificate generation upon node creation allowing vdsm to start and serve requests from anyone who has a matching key (and…
CVE-2019-3831 — CVSS 6.7 (medium): A vulnerability was discovered in vdsm, version 4.19 through 4.30.3 and 4.30.5 through 4.30.8. The systemd_run function exposed to the vdsm…
CVE-2018-10908 — CVSS 6.5 (medium): It was found that vdsm before version 4.20.37 invokes qemu-img on untrusted inputs without limiting resources. By uploading a specially…
CVE-2022-0207 — CVSS 4.7 (medium): A race condition was found in vdsm. Functionality to obfuscate sensitive values in log files that may lead to values being stored in clear…