CVE-2014-0028
EPSS 0.10%Published: 1/24/2014Modified: 4/28/2026
Also known as:DEBIAN-CVE-2014-0028
Description
libvirt 1.1.1 through 1.2.0 allows context-dependent attackers to bypass the domain:getattr and connect:search_domains restrictions in ACLs and obtain sensitive domain object information via a request to the (1) virConnectDomainEventRegister and (2) virConnectDomainEventRegisterAny functions in the event registration API.
Affected packages (1)
- Debian/libvirtfrom 0, < 1.2.1-1