Vulnerabilities > Linuxfoundation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-17 | CVE-2024-46976 | Cross-site Scripting vulnerability in Linuxfoundation Backstage Backstage is an open framework for building developer portals. | 5.4 |
| 2024-09-02 | CVE-2024-20084 | Out-of-bounds Read vulnerability in multiple products In power, there is a possible out of bounds read due to a missing bounds check. | 4.4 |
| 2024-09-02 | CVE-2024-20085 | Out-of-bounds Read vulnerability in multiple products In power, there is a possible out of bounds read due to a missing bounds check. | 4.4 |
| 2024-09-02 | CVE-2024-20089 | Improper Check for Unusual or Exceptional Conditions vulnerability in multiple products In wlan, there is a possible denial of service due to incorrect error handling. | 7.5 |
| 2024-08-02 | CVE-2024-22278 | Unspecified vulnerability in Linuxfoundation Harbor Incorrect user permission validation in Harbor <v2.9.5 and Harbor <v2.10.3 allows authenticated users to modify configurations. | 4.3 |
| 2024-06-06 | CVE-2024-5187 | Unspecified vulnerability in Linuxfoundation Onnx 1.16.0 A vulnerability in the `download_model_with_test_data` function of the onnx/onnx framework, version 1.16.0, allows for arbitrary file overwrite due to inadequate prevention of path traversal attacks in malicious tar files. | 8.8 |
| 2024-01-31 | CVE-2024-21626 | Exposure of Resource to Wrong Sphere vulnerability in multiple products runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. | 8.6 |
| 2024-01-25 | CVE-2024-23656 | Inadequate Encryption Strength vulnerability in Linuxfoundation DEX 2.37.0 Dex is an identity service that uses OpenID Connect to drive authentication for other apps. | 7.5 |
| 2024-01-19 | CVE-2024-22424 | Cross-Site Request Forgery (CSRF) vulnerability in multiple products Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. | 8.3 |
| 2024-01-04 | CVE-2023-6944 | Information Exposure Through an Error Message vulnerability in multiple products A flaw was found in the Red Hat Developer Hub (RHDH). | 5.7 |