Vulnerabilities > Linuxfoundation
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-02-16 | CVE-2023-25153 | Allocation of Resources Without Limits or Throttling vulnerability in Linuxfoundation Containerd containerd is an open source container runtime. | 5.5 |
2023-02-16 | CVE-2023-25173 | Unspecified vulnerability in Linuxfoundation Containerd containerd is an open source container runtime. | 7.8 |
2023-02-14 | CVE-2023-25571 | Cross-site Scripting vulnerability in Linuxfoundation products Backstage is an open platform for building developer portals. | 5.4 |
2023-02-08 | CVE-2023-25151 | Unspecified vulnerability in Linuxfoundation Opentelemetry-Go Contrib 0.38.0 opentelemetry-go-contrib is a collection of extensions for OpenTelemetry-Go. | 7.5 |
2023-01-26 | CVE-2022-25882 | Path Traversal vulnerability in Linuxfoundation Onnx Versions of the package onnx before 1.13.0 are vulnerable to Directory Traversal as the external_data field of the tensor proto can have a path to the file which is outside the model current directory or user-provided directory, for example "../../../etc/passwd" | 7.5 |
2023-01-18 | CVE-2021-4314 | Improper Authentication vulnerability in Linuxfoundation Zowe API Mediation Layer It is possible to manipulate the JWT token without the knowledge of the JWT secret and authenticate without valid JWT token as any user. | 5.3 |
2023-01-13 | CVE-2022-46463 | Missing Authentication for Critical Function vulnerability in Linuxfoundation Harbor An access control issue in Harbor v1.X.X to v2.5.3 allows attackers to access public and private image repositories without authentication. | 7.5 |
2023-01-04 | CVE-2022-4875 | Cross-site Scripting vulnerability in Linuxfoundation Fossology A vulnerability has been found in fossology and classified as problematic. | 6.1 |
2023-01-03 | CVE-2022-23506 | Unspecified vulnerability in Linuxfoundation Spinnaker Spinnaker is an open source, multi-cloud continuous delivery platform for releasing software changes, and Spinnaker's Rosco microservice produces machine images. | 7.5 |
2022-12-26 | CVE-2019-19030 | Unspecified vulnerability in Linuxfoundation Harbor Cloud Native Computing Foundation Harbor before 1.10.3 and 2.x before 2.0.1 allows resource enumeration because unauthenticated API calls reveal (via the HTTP status code) whether a resource exists. | 5.3 |