oVirt Vdsm 4.20.1

CPE Details

oVirt Vdsm 4.20.1
4.20.1
2019-03-28
17h32 +00:00
2019-03-28
17h32 +00:00
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:ovirt:vdsm:4.20.1:*:*:*:*:*:*:*

Informations

Vendor

ovirt

Product

vdsm

Version

4.20.1

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2019-3831 2019-03-25 16h12 +00:00 A vulnerability was discovered in vdsm, version 4.19 through 4.30.3 and 4.30.5 through 4.30.8. The systemd_run function exposed to the vdsm system user could be abused to execute arbitrary commands as root.
6.7
Medium
CVE-2018-10908 2018-08-09 17h00 +00:00 It was found that vdsm before version 4.20.37 invokes qemu-img on untrusted inputs without limiting resources. By uploading a specially crafted image, an attacker could cause the qemu-img process to consume unbounded amounts of memory of CPU time, causing a denial of service condition that could potentially impact other users of the host.
6.5
Medium