Vulnerabilities > Linuxfoundation
|2020-12-28||CVE-2020-26290|| Improper Verification of Cryptographic Signature vulnerability in Linuxfoundation DEX |
Dex is a federated OpenID Connect provider written in Go.
| 6.8 |
|2020-12-24||CVE-2020-11093|| Improper Verification of Cryptographic Signature vulnerability in Linuxfoundation Indy-Node |
Hyperledger Indy Node is the server portion of a distributed ledger purpose-built for decentralized identity.
| 5.0 |
|2020-12-16||CVE-2020-26273|| Command Injection vulnerability in Linuxfoundation Osquery |
osquery is a SQL powered operating system instrumentation, monitoring, and analytics framework.
| 3.6 |
|2020-12-11||CVE-2020-9301|| Deserialization of Untrusted Data vulnerability in Linuxfoundation Spinnaker |
Nolan Ray from Apple Information Security identified a security vulnerability in Spinnaker, all versions prior to version 1.23.4, 1.22.4 or 1.21.5.
| 6.5 |
|2020-12-01||CVE-2020-15257|| Incorrect Resource Transfer Between Spheres vulnerability in Linuxfoundation Containerd |
containerd is an industry-standard container runtime and is available as a daemon for Linux and Windows.
| 3.6 |
|2020-11-06||CVE-2020-26892|| USE of Hard-Coded Credentials vulnerability in Linuxfoundation Nats-Server |
The JWT library in NATS nats-server before 2.1.9 has Incorrect Access Control because of how expired credentials are handled.
| 7.5 |
|2020-11-06||CVE-2020-26521|| Null Pointer Dereference vulnerability in Linuxfoundation Nats-Server |
The JWT library in NATS nats-server before 2.1.9 allows a denial of service (a nil dereference in Go code).
| 5.0 |
|2020-10-16||CVE-2020-15157|| Insufficiently Protected Credentials vulnerability in multiple products |
In containerd (an industry-standard container runtime) before version 1.2.14 there is a credential leaking vulnerability.
| 4.3 |
|2020-09-30||CVE-2020-26149|| Insufficiently Protected Credentials vulnerability in Linuxfoundation Nats.Deno and Nats.Js |
NATS nats.js before 2.0.0-209, nats.ws before 1.0.0-111, and nats.deno before 1.0.0-9 allow credential disclosure from a client to a server.
| 5.0 |
|2020-09-30||CVE-2020-13794|| Information Exposure vulnerability in Linuxfoundation Harbor |
Harbor 1.9.* 1.10.* and 2.0.* allows Exposure of Sensitive Information to an Unauthorized Actor.
| 4.0 |