kubevirt | Snyk

Direct Vulnerabilities

Known vulnerabilities in the kubevirt package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free

Vulnerability	Vulnerable Version
H Allocation of Resources Without Limits or Throttling	*
M Incorrect Authorization	*
H Improper Validation of Unsafe Equivalence in Input	*
M Resource Exhaustion	*
M Time-of-check Time-of-use (TOCTOU)	*
M Excessive Platform Resource Consumption within a Loop	*
M Cross-site Scripting (XSS)	*
M Allocation of Resources Without Limits or Throttling	*
H Incorrect Behavior Order: Authorization Before Parsing and Canonicalization	*
H Improper Validation of Syntactic Correctness of Input	*
H Allocation of Resources Without Limits or Throttling	*
H Excessive Platform Resource Consumption within a Loop	*
M Directory Traversal	*
M Improper Certificate Validation	*
M Resource Exhaustion	*
M Incorrect Ownership Assignment	*
M Improper Certificate Validation	*
H Reachable Assertion	*
M Directory Traversal	*
M Link Following	*
M Improper Check or Handling of Exceptional Conditions	*
M Creation of Immutable Text Using String Concatenation	*
M Allocation of Resources Without Limits or Throttling	*
M Expected Behavior Violation	*
H Information Exposure	*
M Time-of-check Time-of-use (TOCTOU)	*
M CVE-2025-4673	*
M HTTP Request Smuggling	*
H Improper Validation of Syntactic Correctness of Input	*
M Misinterpretation of Input	*
H Allocation of Resources Without Limits or Throttling	*
L Improper Verification of Cryptographic Signature	*
M Information Exposure	*
M Loop with Unreachable Exit Condition ('Infinite Loop')	*
L Incorrect Authorization	*
L Incorrect Authorization	*
M Cross-site Scripting (XSS)	*
M Truncation of Security-relevant Information	*
M Resource Exhaustion	*
M Improper Input Validation	*
M Missing Release of Resource after Effective Lifetime	*
M Loop with Unreachable Exit Condition ('Infinite Loop')	*
H Improper Authorization	*
M Improper Input Validation	*
M Buffer Overflow	*
M Integer Overflow or Wraparound	*
M Resource Exhaustion	*
M Improper Certificate Validation	*
M Improper Input Validation	*
M Allocation of Resources Without Limits or Throttling	*
M Buffer Access with Incorrect Length Value	*
M Cross-site Scripting (XSS)	*
M Resource Exhaustion	*
M Cross-site Scripting (XSS)	*
M Improper Handling of Unicode Encoding	*
M Cross-site Scripting (XSS)	*
M Resource Exhaustion	*
M HTTP Response Splitting	*
M Improper Handling of Unicode Encoding	*
M Loop with Unreachable Exit Condition ('Infinite Loop')	*
M Resource Exhaustion	*
M Arbitrary Code Injection	*
M Use of Uninitialized Variable	*
M Use of a Broken or Risky Cryptographic Algorithm	*
M Misinterpretation of Input	*
M Unchecked Return Value	*
L Race Condition	*
M Integer Overflow or Wraparound	*
M Integer Overflow or Wraparound	*
M Race Condition	*
M Race Condition	*
M Information Exposure	*
M Resource Exhaustion	*
M Resource Exhaustion	*
M Incorrect Privilege Assignment	*
M Incorrect Privilege Assignment	*
M Incorrect Authorization	*
L Allocation of Resources Without Limits or Throttling	*
M Incorrect Calculation	*

Vulnerability

Vulnerable Version

Allocation of Resources Without Limits or Throttling