Vulnerabilities > Gluster > Glusterfs > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-09-04 | CVE-2018-10904 | It was found that glusterfs server does not properly sanitize file paths in the "trusted.io-stats-dump" extended attribute which is used by the "debug/io-stats" translator. | 8.8 |
| 2018-06-20 | CVE-2018-10841 | glusterfs is vulnerable to privilege escalation on gluster server nodes. | 8.8 |
| 2018-04-25 | CVE-2018-1112 | Unspecified vulnerability in Gluster Glusterfs glusterfs server before versions 3.10.12, 4.0.2 is vulnerable when using 'auth.allow' option which allows any unauthenticated gluster client to connect from any network to mount gluster storage volumes. | 8.8 |