Vulnerabilities > Linuxfoundation

DATE CVE VULNERABILITY TITLE RISK
2023-04-14 CVE-2023-29018 Unspecified vulnerability in Linuxfoundation Openfeature
The OpenFeature Operator allows users to expose feature flags to applications.
network
low complexity
linuxfoundation
8.8
2023-04-14 CVE-2023-29194 Unspecified vulnerability in Linuxfoundation Vitess
Vitess is a database clustering system for horizontal scaling of MySQL.
network
low complexity
linuxfoundation
2.7
2023-04-12 CVE-2023-30512 Incorrect Permission Assignment for Critical Resource vulnerability in Linuxfoundation Cubefs
CubeFS through 3.2.1 allows Kubernetes cluster-level privilege escalation.
network
low complexity
linuxfoundation CWE-732
6.5
2023-03-29 CVE-2023-25809 Unspecified vulnerability in Linuxfoundation Runc
runc is a CLI tool for spawning and running containers according to the OCI specification.
local
low complexity
linuxfoundation
6.3
2023-03-29 CVE-2023-28642 Link Following vulnerability in Linuxfoundation Runc
runc is a CLI tool for spawning and running containers according to the OCI specification.
local
low complexity
linuxfoundation CWE-59
7.8
2023-03-27 CVE-2022-41354 Information Exposure Through Discrepancy vulnerability in Linuxfoundation Argo-Cd
An access control issue in Argo CD v2.4.12 and below allows unauthenticated attackers to enumerate existing applications.
network
low complexity
linuxfoundation CWE-203
4.3
2023-03-03 CVE-2023-27561 Use of Incorrectly-Resolved Name or Reference vulnerability in multiple products
runc through 1.1.4 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go.
local
high complexity
linuxfoundation redhat debian CWE-706
7.0
2023-03-01 CVE-2021-4326 Unspecified vulnerability in Linuxfoundation Zowe
A vulnerability in Imperative framework which allows already-privileged local actors to execute arbitrary shell commands via plugin install/update commands, or maliciously formed environment variables.
local
low complexity
linuxfoundation
7.8
2023-02-26 CVE-2022-48363 Reachable Assertion vulnerability in Linuxfoundation Automotive Grade Linux
In MPD before 0.23.8, as used on Automotive Grade Linux and other platforms, the PipeWire output plugin mishandles a Drain call in certain situations involving truncated files.
network
low complexity
linuxfoundation CWE-617
7.5
2023-02-17 CVE-2021-32163 Incorrect Authorization vulnerability in Linuxfoundation Modular Open Smart Network
Authentication vulnerability in MOSN v.0.23.0 allows attacker to escalate privileges via case-sensitive JWT authorization.
network
low complexity
linuxfoundation CWE-863
critical
9.8