Vulnerabilities > Gluster > Glusterfs > 3.12.11
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-10-31 | CVE-2018-14651 | Link Following vulnerability in multiple products It was found that the fix for CVE-2018-10927, CVE-2018-10928, CVE-2018-10929, CVE-2018-10930, and CVE-2018-10926 was incomplete. | 8.8 |
2018-09-04 | CVE-2018-10930 | Improper Input Validation vulnerability in multiple products A flaw was found in RPC request using gfs3_rename_req in glusterfs server. | 4.0 |
2018-09-04 | CVE-2018-10929 | Improper Input Validation vulnerability in multiple products A flaw was found in RPC request using gfs2_create_req in glusterfs server. | 6.5 |
2018-09-04 | CVE-2018-10928 | Link Following vulnerability in multiple products A flaw was found in RPC request using gfs3_symlink_req in glusterfs server which allows symlink destinations to point to file paths outside of the gluster volume. | 6.5 |
2018-09-04 | CVE-2018-10927 | Improper Input Validation vulnerability in multiple products A flaw was found in RPC request using gfs3_lookup_req in glusterfs server. | 5.5 |
2018-09-04 | CVE-2018-10926 | Improper Input Validation vulnerability in multiple products A flaw was found in RPC request using gfs3_mknod_req supported by glusterfs server. | 6.5 |
2018-09-04 | CVE-2018-10924 | Missing Release of Resource after Effective Lifetime vulnerability in Gluster Glusterfs It was discovered that fsync(2) system call in glusterfs client code leaks memory. | 6.8 |
2018-09-04 | CVE-2018-10923 | Improper Input Validation vulnerability in multiple products It was found that the "mknod" call derived from mknod(2) can create files pointing to devices on a glusterfs server node. | 5.5 |
2018-09-04 | CVE-2018-10914 | NULL Pointer Dereference vulnerability in multiple products It was found that an attacker could issue a xattr request via glusterfs FUSE to cause gluster brick process to crash which will result in a remote denial of service. | 4.0 |
2018-09-04 | CVE-2018-10913 | Information Exposure Through an Error Message vulnerability in multiple products An information disclosure vulnerability was discovered in glusterfs server. | 4.0 |