Vulnerabilities > Gluster > Glusterfs > 3.8.4
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-10-31 | CVE-2018-14661 | Improper Input Validation vulnerability in multiple products It was found that usage of snprintf function in feature/locks translator of glusterfs server 3.8.4, as shipped with Red Hat Gluster Storage, was vulnerable to a format string attack. | 6.5 |
| 2018-06-20 | CVE-2018-10841 | Authentication Bypass Using an Alternate Path or Channel vulnerability in multiple products glusterfs is vulnerable to privilege escalation on gluster server nodes. | 8.8 |
| 2018-04-25 | CVE-2018-1112 | Unspecified vulnerability in Gluster Glusterfs glusterfs server before versions 3.10.12, 4.0.2 is vulnerable when using 'auth.allow' option which allows any unauthenticated gluster client to connect from any network to mount gluster storage volumes. | 7.5 |
| 2017-10-26 | CVE-2017-15096 | NULL Pointer Dereference vulnerability in Gluster Glusterfs A flaw was found in GlusterFS in versions prior to 3.10. | 3.3 |