Ovirt Engine
Approved changes feed: RSS · Atom
cpe:2.3:a:n/a:ovirt-engine:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | N/A (22f567d3-1203-528c-8f0e-3eb9c2f6ca78) |
|---|---|
| Product | Ovirt Engine (9bc69029-9829-5121-ba02-2e7cb80f335b) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2022-3193 |
vulnerable | 2026-06-08 05:47:19.696367 |
Details available
An HTML injection/reflected Cross-site scripting (XSS) vulnerability was found in the ovirt-engine. A parameter "error_description" fails to sanitize the entry, allowing the vulnerability to trigger on the Windows Service Accounts home pages.
Published: 2022-09-28T18:01:30.000Z
Updated: 2025-05-20T20:18:28.559Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-2805 |
vulnerable | 2026-06-08 05:43:36.530893 |
Details available
A flaw was found in ovirt-engine, which leads to the logging of plaintext passwords in the log file when using otapi-style. This flaw allows an attacker with sufficient privileges to read the log file, leading to confidentiality loss.
Published: 2022-10-19T00:00:00.000Z
Updated: 2025-05-09T14:33:34.709Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-35497 |
vulnerable | 2026-06-08 05:25:01.199804 |
Details available
A flaw was found in ovirt-engine 4.4.3 and earlier allowing an authenticated user to read other users' personal information, including name, email and public SSH key.
Published: 2020-12-21T16:22:22.000Z
Updated: 2024-08-04T17:02:08.047Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-10775 |
vulnerable | 2026-06-08 05:16:35.868703 |
Details available
An Open redirect vulnerability was found in ovirt-engine versions 4.4 and earlier, where it allows remote attackers to redirect users to arbitrary web sites and attempt phishing attacks. Once the target has opened the malicious URL in their browser, the critical part of the URL is no longer visible. The highest threat from this vulnerability is on confidentiality.
Published: 2020-08-24T16:13:00.000Z
Updated: 2024-08-04T11:14:15.422Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.