x/vulndb: potential Go vuln in kubevirt.io/kubevirt: GHSA-828r-r2c8-rfw3

[GoVulnBot]

In GitHub Security Advisory GHSA-828r-r2c8-rfw3, there is a vulnerability in the following Go packages or modules:

Unit	Fixed	Vulnerable Ranges
kubevirt.io/kubevirt	0.30.0	< 0.30.0

Cross references:

• Module kubevirt.io/kubevirt appears in issue x/vulndb: potential Go vuln in kubevirt.io/kubevirt: CVE-2022-1798, GHSA-cvx8-ppmc-78hm #954 NOT_IMPORTABLE
• Module kubevirt.io/kubevirt appears in issue x/vulndb: potential Go vuln in kubevirt.io/kubevirt: GHSA-qv98-3369-g364 #1000 EFFECTIVELY_PRIVATE

See doc/triage.md for instructions on how to triage this report.

modules:
    - module: kubevirt.io/kubevirt
      versions:
        - fixed: 0.30.0
      vulnerable_at: 0.30.0-rc.4
      packages:
        - package: kubevirt.io/kubevirt
summary: Privilege Escalation in kubevirt in kubevirt.io/kubevirt
cves:
    - CVE-2020-14316
ghsas:
    - GHSA-828r-r2c8-rfw3
references:
    - web: https://nvd.nist.gov/vuln/detail/CVE-2020-14316
    - fix: https://github.com/kubevirt/kubevirt/pull/3686
    - web: https://bugzilla.redhat.com/show_bug.cgi?id=1848951
    - advisory: https://github.com/advisories/GHSA-828r-r2c8-rfw3
source:
    id: GHSA-828r-r2c8-rfw3

[gopherbot]

Change https://go.dev/cl/586484 mentions this issue: data/reports: add 73 unreviewed reports

[gopherbot]

Change https://go.dev/cl/590039 mentions this issue: data/reports: add 51 reports