Vulnerabilities > Clusterlabs > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-10-18 | CVE-2010-2496 | Improper Authentication vulnerability in Clusterlabs Cluster Glue and Pacemaker stonith-ng in pacemaker and cluster-glue passed passwords as commandline parameters, making it possible for local attackers to gain access to passwords of the HA stack and potentially influence its operations. | 2.1 |
| 2019-11-12 | CVE-2011-5271 | Link Following vulnerability in Clusterlabs Pacemaker Pacemaker before 1.1.6 configure script creates temporary files insecurely | 3.3 |