Vulnerabilities > Linuxfoundation

DATE CVE VULNERABILITY TITLE RISK
2023-01-18 CVE-2021-4314 Improper Authentication vulnerability in Linuxfoundation Zowe API Mediation Layer
It is possible to manipulate the JWT token without the knowledge of the JWT secret and authenticate without valid JWT token as any user.
network
low complexity
linuxfoundation CWE-287
5.3
2023-01-13 CVE-2022-46463 Missing Authentication for Critical Function vulnerability in Linuxfoundation Harbor
** DISPUTED ** An access control issue in Harbor v1.X.X to v2.5.3 allows attackers to access public and private image repositories without authentication.
network
low complexity
linuxfoundation CWE-306
7.5
2023-01-04 CVE-2022-4875 Cross-site Scripting vulnerability in Linuxfoundation Fossology
A vulnerability has been found in fossology and classified as problematic.
network
low complexity
linuxfoundation CWE-79
6.1
2023-01-03 CVE-2022-23506 Information Exposure Through Log Files vulnerability in Linuxfoundation Spinnaker
Spinnaker is an open source, multi-cloud continuous delivery platform for releasing software changes, and Spinnaker's Rosco microservice produces machine images.
network
low complexity
linuxfoundation CWE-532
7.5
2022-12-19 CVE-2022-23536 Unspecified vulnerability in Linuxfoundation Cortex 1.13.0/1.13.1/1.14.0
Cortex provides multi-tenant, long term storage for Prometheus.
network
low complexity
linuxfoundation
6.5
2022-12-07 CVE-2022-23471 Resource Exhaustion vulnerability in Linuxfoundation Containerd
containerd is an open source container runtime.
network
low complexity
linuxfoundation CWE-400
6.5
2022-12-07 CVE-2022-46770 Resource Exhaustion vulnerability in Linuxfoundation Mirage Firewall
qubes-mirage-firewall (aka Mirage firewall for QubesOS) 0.8.x through 0.8.3 allows guest OS users to cause a denial of service (CPU consumption and loss of forwarding) via a crafted multicast UDP packet (IP address range of 224.0.0.0 through 239.255.255.255).
network
low complexity
linuxfoundation CWE-400
7.5
2022-11-27 CVE-2022-45930 SQL Injection vulnerability in Linuxfoundation Opendaylight
A SQL injection issue was discovered in AAA in OpenDaylight (ODL) before 0.16.5.
network
low complexity
linuxfoundation CWE-89
7.5
2022-11-27 CVE-2022-45931 SQL Injection vulnerability in Linuxfoundation Opendaylight
A SQL injection issue was discovered in AAA in OpenDaylight (ODL) before 0.16.5.
network
low complexity
linuxfoundation CWE-89
7.5
2022-11-27 CVE-2022-45932 SQL Injection vulnerability in Linuxfoundation Opendaylight
A SQL injection issue was discovered in AAA in OpenDaylight (ODL) before 0.16.5.
network
low complexity
linuxfoundation CWE-89
7.5