CVE-2019-3831
- Source
- https://cve.org/CVERecord?id=CVE-2019-3831
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-3831.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2019-3831
- Downstream
- Published
- 2019-03-25T18:29:00.933Z
- Modified
- 2026-04-11T12:00:43.999785Z
- Severity
-
- 6.7 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
A vulnerability was discovered in vdsm, version 4.19 through 4.30.3 and 4.30.5 through 4.30.8. The systemd_run function exposed to the vdsm system user could be abused to execute arbitrary commands as root.
- Database specific
{ "unresolved_ranges": [ { "extracted_events": [ { "last_affected": "3.0" } ], "source": "CPE_FIELD", "cpe": "cpe:2.3:a:redhat:gluster_storage:3.0:*:*:*:*:*:*:*" } ] }- References
Affected packages
Git / github.com/ovirt/vdsm
Affected ranges
- Type
- GIT
- Repo
- https://github.com/ovirt/vdsm
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroducedLast affected
- Database specific
{ "extracted_events": [ { "introduced": "4.19" }, { "last_affected": "4.30.3" }, { "introduced": "4.30.5" }, { "last_affected": "4.30.8" } ], "source": "CPE_FIELD", "cpe": "cpe:2.3:a:ovirt:vdsm:*:*:*:*:*:*:*:*" }
Affected versions
v4.*
v4.10.0
v4.10.1
v4.10.2
v4.10.3
v4.11.0
v4.12.0
v4.12.0-rc1
v4.12.0-rc2
v4.12.0-rc3
v4.13.0
v4.14.0
v4.14.1
v4.15.0
v4.16.0
v4.17.0
v4.17.1
v4.17.2
v4.17.999
v4.18.0
v4.18.1
v4.18.999
v4.19.1
v4.20.0
v4.20.1
v4.20.10
v4.20.11
v4.20.12
v4.20.13
v4.20.14
v4.20.15
v4.20.16
v4.20.17
v4.20.2
v4.20.3
v4.20.4
v4.20.5
v4.20.6
v4.20.7
v4.20.8
v4.20.9
v4.30.0
v4.30.1
v4.30.2
v4.30.3
v4.30.5
v4.30.6
v4.30.7
v4.30.8
v4.9.0
v4.9.1
v4.9.2
v4.9.4
v4.9.6