Vulnerabilities > Gluster > Glusterfs > 3.12.9
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-10-31 | CVE-2018-14651 | Link Following vulnerability in multiple products It was found that the fix for CVE-2018-10927, CVE-2018-10928, CVE-2018-10929, CVE-2018-10930, and CVE-2018-10926 was incomplete. | 8.8 |
2018-09-04 | CVE-2018-10930 | Improper Input Validation vulnerability in multiple products A flaw was found in RPC request using gfs3_rename_req in glusterfs server. | 4.0 |
2018-09-04 | CVE-2018-10929 | Improper Input Validation vulnerability in multiple products A flaw was found in RPC request using gfs2_create_req in glusterfs server. | 6.5 |
2018-09-04 | CVE-2018-10928 | Link Following vulnerability in multiple products A flaw was found in RPC request using gfs3_symlink_req in glusterfs server which allows symlink destinations to point to file paths outside of the gluster volume. | 6.5 |
2018-09-04 | CVE-2018-10927 | Improper Input Validation vulnerability in multiple products A flaw was found in RPC request using gfs3_lookup_req in glusterfs server. | 5.5 |
2018-09-04 | CVE-2018-10926 | Improper Input Validation vulnerability in multiple products A flaw was found in RPC request using gfs3_mknod_req supported by glusterfs server. | 6.5 |
2018-09-04 | CVE-2018-10923 | Improper Input Validation vulnerability in multiple products It was found that the "mknod" call derived from mknod(2) can create files pointing to devices on a glusterfs server node. | 5.5 |
2018-09-04 | CVE-2018-10914 | NULL Pointer Dereference vulnerability in multiple products It was found that an attacker could issue a xattr request via glusterfs FUSE to cause gluster brick process to crash which will result in a remote denial of service. | 4.0 |
2018-09-04 | CVE-2018-10913 | Information Exposure Through an Error Message vulnerability in multiple products An information disclosure vulnerability was discovered in glusterfs server. | 4.0 |
2018-09-04 | CVE-2018-10911 | Deserialization of Untrusted Data vulnerability in multiple products A flaw was found in the way dic_unserialize function of glusterfs does not handle negative key length values. | 5.0 |