VulnerableCode Package Details - pkg:gem/foreman_kubevirt@0.4.0

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:gem/foreman_kubevirt@0.4.0

Essentials
History (3)

purl	pkg:gem/foreman_kubevirt@0.4.0

Next non-vulnerable version	0.4.3
Latest non-vulnerable version	0.4.3
Risk	4.0

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-98pd-qdf5-17b1 Aliases: CVE-2026-1531 GHSA-2qxw-7fmx-gqfm	foreman_kubevirt disables SSL verification if a Certificate Authority (CA) certificate is not explicitly set A flaw was found in foreman_kubevirt. When configuring the connection to OpenShift, the system disables SSL verification if a Certificate Authority (CA) certificate is not explicitly set. This insecure default allows a remote attacker, capable of intercepting network traffic between Satellite and OpenShift, to perform a Man-in-the-Middle (MITM) attack. Such an attack could lead to the disclosure or alteration of sensitive information.	0.4.3 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-17T00:14:40.759249+00:00	GitLab Importer	Affected by	VCID-98pd-qdf5-17b1	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/foreman_kubevirt/CVE-2026-1531.yml	38.4.0
2026-04-12T01:38:40.244589+00:00	GitLab Importer	Affected by	VCID-98pd-qdf5-17b1	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/foreman_kubevirt/CVE-2026-1531.yml	38.3.0
2026-04-03T01:47:38.069321+00:00	GitLab Importer	Affected by	VCID-98pd-qdf5-17b1	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/foreman_kubevirt/CVE-2026-1531.yml	38.1.0