Vulnerabilities > Linuxfoundation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-07-09 | CVE-2021-36153 | Unspecified vulnerability in Linuxfoundation Grpc Swift 1.1.0/1.1.1 Mismanaged state in GRPCWebToHTTP2ServerCodec.swift in gRPC Swift 1.1.0 and 1.1.1 allows remote attackers to deny service by sending malformed requests. | 7.5 |
| 2021-07-09 | CVE-2021-36154 | Uncontrolled Recursion vulnerability in Linuxfoundation Grpc Swift 1.0.0/1.1.0/1.1.1 HTTP2ToRawGRPCServerCodec in gRPC Swift 1.1.1 and earlier allows remote attackers to deny service via the delivery of many small messages within a single HTTP/2 frame, leading to Uncontrolled Recursion and stack consumption. | 7.5 |
| 2021-07-09 | CVE-2021-36155 | Allocation of Resources Without Limits or Throttling vulnerability in Linuxfoundation Grpc Swift 1.0.0/1.1.0/1.1.1 LengthPrefixedMessageReader in gRPC Swift 1.1.0 and earlier allocates buffers of arbitrary length, which allows remote attackers to cause uncontrolled resource consumption and deny service. | 7.5 |
| 2021-06-03 | CVE-2021-32662 | Unspecified vulnerability in Linuxfoundation Backstage Backstage is an open platform for building developer portals, and techdocs-common contains common functionalities for Backstage's TechDocs. | 6.5 |
| 2021-06-03 | CVE-2021-32661 | Unrestricted Upload of File with Dangerous Type vulnerability in Linuxfoundation @Backstage/Plugin-Techdocs Backstage is an open platform for building developer portals. | 7.3 |
| 2021-06-03 | CVE-2021-32660 | Unrestricted Upload of File with Dangerous Type vulnerability in Linuxfoundation @Backstage/Techdocs-Common Backstage is an open platform for building developer portals, and techdocs-common contains common functionalities for Backstage's TechDocs. | 8.1 |
| 2021-05-28 | CVE-2020-27847 | Unspecified vulnerability in Linuxfoundation DEX A vulnerability exists in the SAML connector of the github.com/dexidp/dex library used to process SAML Signature Validation. | 9.8 |
| 2021-05-27 | CVE-2021-30465 | Race Condition vulnerability in multiple products runc before 1.0.0-rc95 allows a Container Filesystem Breakout via Directory Traversal. | 8.5 |
| 2021-04-30 | CVE-2021-31232 | Unspecified vulnerability in Linuxfoundation Cortex The Alertmanager in CNCF Cortex before 1.8.1 has a local file disclosure vulnerability when -experimental.alertmanager.enable-api is used. | 5.5 |
| 2021-04-15 | CVE-2021-20288 | Improper Authentication vulnerability in multiple products An authentication flaw was found in ceph in versions before 14.2.20. | 7.2 |