Vulnerabilities > Linuxfoundation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-07-19 | CVE-2021-32760 | Exposure of Resource TO Wrong Sphere vulnerability in Linuxfoundation Containerd containerd is a container runtime. | 6.8 |
| 2021-07-09 | CVE-2021-36153 | Unspecified vulnerability in Linuxfoundation Grpc Swift 1.1.0/1.1.1 Mismanaged state in GRPCWebToHTTP2ServerCodec.swift in gRPC Swift 1.1.0 and 1.1.1 allows remote attackers to deny service by sending malformed requests. | 5.0 |
| 2021-07-09 | CVE-2021-36154 | Uncontrolled Recursion vulnerability in Linuxfoundation Grpc Swift 1.0.0/1.1.0/1.1.1 HTTP2ToRawGRPCServerCodec in gRPC Swift 1.1.1 and earlier allows remote attackers to deny service via the delivery of many small messages within a single HTTP/2 frame, leading to Uncontrolled Recursion and stack consumption. | 5.0 |
| 2021-07-09 | CVE-2021-36155 | Classic Buffer Overflow vulnerability in Linuxfoundation Grpc Swift 1.0.0/1.1.0/1.1.1 LengthPrefixedMessageReader in gRPC Swift 1.1.0 and earlier allocates buffers of arbitrary length, which allows remote attackers to cause uncontrolled resource consumption and deny service. | 5.0 |
| 2021-06-03 | CVE-2021-32662 | Path Traversal vulnerability in Linuxfoundation Backstage Backstage is an open platform for building developer portals, and techdocs-common contains common functionalities for Backstage's TechDocs. | 3.5 |
| 2021-06-03 | CVE-2021-32661 | Unrestricted Upload of File With Dangerous Type vulnerability in Linuxfoundation @Backstage/Plugin-Techdocs Backstage is an open platform for building developer portals. | 4.9 |
| 2021-06-03 | CVE-2021-32660 | Unrestricted Upload of File With Dangerous Type vulnerability in Linuxfoundation @Backstage/Techdocs-Common Backstage is an open platform for building developer portals, and techdocs-common contains common functionalities for Backstage's TechDocs. | 5.8 |
| 2021-05-28 | CVE-2020-27847 | Authentication Bypass BY Spoofing vulnerability in Linuxfoundation DEX A vulnerability exists in the SAML connector of the github.com/dexidp/dex library used to process SAML Signature Validation. | 7.5 |
| 2021-05-27 | CVE-2021-30465 | Path Traversal vulnerability in multiple products runc before 1.0.0-rc95 allows a Container Filesystem Breakout via Directory Traversal. | 6.0 |
| 2021-05-12 | CVE-2021-23135 | Exposure of Resource TO Wrong Sphere vulnerability in Linuxfoundation Argo Continuous Delivery Exposure of System Data to an Unauthorized Control Sphere vulnerability in web UI of Argo CD allows attacker to cause leaked secret data into web UI error messages and logs. | 2.1 |