High

DATE	CVE	VULNERABILITY TITLE	RISK
2021-03-05	CVE-2021-27098	Improper Certificate Validation vulnerability in Cncf Spire In SPIRE 0.8.1 through 0.8.4 and before versions 0.9.4, 0.10.2, 0.11.3 and 0.12.1, specially crafted requests to the FetchX509SVID RPC of SPIRE Server’s Legacy Node API can result in the possible issuance of an X.509 certificate with a URI SAN for a SPIFFE ID that the agent is not authorized to distribute. network low complexity cncf CWE-295	8.1