kubevirt.src vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the kubevirt.src package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free

Vulnerability	Vulnerable Version
L Allocation of Resources Without Limits or Throttling	*
H Authorization Bypass Through User-Controlled Key	*
M CVE-2025-68121	*
H Excessive Platform Resource Consumption within a Loop	*
M Directory Traversal	*
M Resource Exhaustion	*
M Incorrect Permission Assignment for Critical Resource	*
M Improper Certificate Validation	*
M Incorrect Default Permissions	*
H Allocation of Resources Without Limits or Throttling	*
M Information Exposure	*
M Integer Overflow or Wraparound	*
M Integer Overflow or Wraparound	*
M Resource Exhaustion	*
M Incorrect Privilege Assignment	*
M Incorrect Privilege Assignment	*
M Resource Exhaustion	*
L Incorrect Authorization	*
L Incorrect Authorization	*
M Cross-site Scripting (XSS)	*
M Time-of-check Time-of-use (TOCTOU)	*
M Use of Uninitialized Variable	*
M Improper Handling of Unicode Encoding	*
M Improper Handling of Unicode Encoding	*
L Arbitrary Argument Injection	*
H Improper Authorization	*
H Improper Validation of Syntactic Correctness of Input	*
M HTTP Request Smuggling	*
M Improper Certificate Validation	*
L Improper Verification of Cryptographic Signature	*
M Improper Input Validation	*
M Expected Behavior Violation	*
M CVE-2025-4673	*
M Allocation of Resources Without Limits or Throttling	*
M Improper Output Neutralization for Logs	*
M Misinterpretation of Input	*
M Allocation of Resources Without Limits or Throttling	*
M Allocation of Resources Without Limits or Throttling	*
M Creation of Immutable Text Using String Concatenation	*
M Allocation of Resources Without Limits or Throttling	*
M Reachable Assertion	*
M Arbitrary Code Injection	*
M Misinterpretation of Input	*
M Cross-site Scripting (XSS)	*
M Allocation of Resources Without Limits or Throttling	*
M Cross-site Scripting (XSS)	*
M Resource Exhaustion	*
M Buffer Overflow	*
M Buffer Access with Incorrect Length Value	*
M Incorrect Calculation	*
M Resource Exhaustion	*
M Integer Overflow or Wraparound	*
M Expected Behavior Violation	*
M Resource Exhaustion	*
M Allocation of Resources Without Limits or Throttling	*
M Cross-site Scripting (XSS)	*
M Resource Exhaustion	*
M Use of a Broken or Risky Cryptographic Algorithm	*
M Improper Certificate Validation	*
M Improper Input Validation	*
M Improper Input Validation	*
M Information Exposure	*
M Loop with Unreachable Exit Condition ('Infinite Loop')	*
M Loop with Unreachable Exit Condition ('Infinite Loop')	*
M Missing Release of Resource after Effective Lifetime	*
M Unchecked Return Value	*
M Resource Exhaustion	*
M Loop with Unreachable Exit Condition ('Infinite Loop')	*
M Resource Exhaustion	*
M HTTP Response Splitting	*
M Race Condition	*
M Race Condition	*
L Race Condition	*
H Reachable Assertion	*
H Information Exposure	*

Vulnerability

Vulnerable Version

Allocation of Resources Without Limits or Throttling