Product
A path traversal vulnerability exists in KubeVirt's virt-exportserver component, where an attacker with namespace-level access can exploit this flaw by creating a symbolic link within an exported filesystem PVC to read arbitrary files from the exporter pod, leading to information disclosure.