Vulnerabilities > Gluster > Glusterfs > 4.0.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-09-04 | CVE-2018-10924 | Missing Release of Resource after Effective Lifetime vulnerability in Gluster Glusterfs It was discovered that fsync(2) system call in glusterfs client code leaks memory. | 6.5 |
| 2018-06-20 | CVE-2018-10841 | glusterfs is vulnerable to privilege escalation on gluster server nodes. | 8.8 |
| 2018-04-25 | CVE-2018-1112 | Unspecified vulnerability in Gluster Glusterfs glusterfs server before versions 3.10.12, 4.0.2 is vulnerable when using 'auth.allow' option which allows any unauthenticated gluster client to connect from any network to mount gluster storage volumes. | 8.8 |