Vulnerabilities > Gluster > Glusterfs > 3.1.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-11-01 | CVE-2018-14660 | Resource Exhaustion vulnerability in multiple products A flaw was found in glusterfs server through versions 4.1.4 and 3.1.2 which allowed repeated usage of GF_META_LOCK_KEY xattr. | 6.5 |
| 2018-06-20 | CVE-2018-10841 | Authentication Bypass Using an Alternate Path or Channel vulnerability in multiple products glusterfs is vulnerable to privilege escalation on gluster server nodes. | 8.8 |
| 2018-04-25 | CVE-2018-1112 | Unspecified vulnerability in Gluster Glusterfs glusterfs server before versions 3.10.12, 4.0.2 is vulnerable when using 'auth.allow' option which allows any unauthenticated gluster client to connect from any network to mount gluster storage volumes. | 7.5 |
| 2017-10-26 | CVE-2017-15096 | NULL Pointer Dereference vulnerability in Gluster Glusterfs A flaw was found in GlusterFS in versions prior to 3.10. | 3.3 |