2.3.1

DATE	CVE	VULNERABILITY TITLE	RISK
2020-12-16	CVE-2020-26273	Command Injection vulnerability in Linuxfoundation Osquery osquery is a SQL powered operating system instrumentation, monitoring, and analytics framework. local low complexity linuxfoundation CWE-77	3.6
2020-07-10	CVE-2020-11081	Process Control vulnerability in Linuxfoundation Osquery osquery before version 4.4.0 enables a privilege escalation vulnerability. local low complexity linuxfoundation CWE-114	8.2
2019-06-03	CVE-2019-3567	Link Following vulnerability in Linuxfoundation Osquery In some configurations an attacker can inject a new executable path into the extensions.load file for osquery and hard link a parent folder of a malicious binary to a folder with known 'safe' permissions. network linuxfoundation CWE-59 critical	9.3
2018-12-31	CVE-2018-6336	7PK - Security Features vulnerability in Linuxfoundation Osquery An issue was discovered in osquery. network linuxfoundation CWE-254	6.8