Browse all 3 CVE security advisories affecting The libvirt Project. AI-powered Chinese analysis, POCs, and references for each vulnerability.
The libvirt Project provides open-source APIs for managing platform virtualization, enabling control over KVM, Xen, QEMU and hypervisors. Historically, vulnerabilities have included remote code execution, privilege escalation, and denial-of-service flaws, often stemming from improper input validation in XML processing or unsafe library functions. The project maintains security-focused development practices, though past incidents like CVE-2020-25645 (privilege escalation) and CVE-2021-3592 (RCE) highlight ongoing risks. With three current CVEs, libvirt remains critical infrastructure requiring careful deployment, particularly in multi-tenant environments where compromised access could escalate to host systems.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2019-3886 | Red Hat libvirt 信息泄露漏洞 — libvirtCWE-862 | 5.4 | - | 2019-04-04 |
| CVE-2019-3840 | Red Hat libvirt 代码问题漏洞 — libvirtCWE-476 | 6.3 | - | 2019-03-27 |
| CVE-2017-2635 | Red Hat Libvirt 安全漏洞 — libvirtCWE-476 | 6.5 | - | 2018-08-22 |
This page lists every published CVE security advisory associated with The libvirt Project. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.