-
-
Notifications
You must be signed in to change notification settings - Fork 229
Expand file tree
/
Copy pathCVE-2026-1530.yml
More file actions
29 lines (29 loc) · 1.28 KB
/
CVE-2026-1530.yml
File metadata and controls
29 lines (29 loc) · 1.28 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
---
gem: fog-kubevirt
cve: 2026-1530
ghsa: m3hq-3qj8-c5fm
url: https://access.redhat.com/security/cve/CVE-2026-1530
title: fog-kubevirt allows remote attacker to perform MITM attack
due to disabled certificate validation
date: 2026-02-02
description: |
A flaw was found in fog-kubevirt. This vulnerability allows a remote
attacker to perform a Man-in-the-Middle (MITM) attack due to disabled
certificate validation. This enables the attacker to intercept and
potentially alter sensitive communications between Satellite and
OpenShift, resulting in information disclosure and data integrity
compromise.
cvss_v3: 8.1
patched_versions:
- ">= 1.5.1"
related:
url:
- https://nvd.nist.gov/vuln/detail/CVE-2026-1530
- https://github.com/fog/fog-kubevirt/releases/tag/v1.5.1
- https://github.com/fog/fog-kubevirt/blob/8adb03e07972d6e19a7713ecf2a827aa2cfe4b9e/CHANGELOG.md?plain=1#L11
- https://github.com/fog/fog-kubevirt/pull/168
- https://github.com/fog/fog-kubevirt/commit/8371e9ded99f9ec3e74caf2f283836109763e450
- https://github.com/fog/fog-kubevirt/commit/9603d79a239a0f68bedfc679cd1b65fbf6ec4753
- https://access.redhat.com/security/cve/CVE-2026-1530
- https://bugzilla.redhat.com/show_bug.cgi?id=2433784
- https://github.com/advisories/GHSA-m3hq-3qj8-c5fm