Vulnerabilities > Linuxfoundation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-06-22 | CVE-2020-10736 | Unspecified vulnerability in Linuxfoundation Ceph 15.2.0/15.2.1 An authorization bypass vulnerability was found in Ceph versions 15.2.0 before 15.2.2, where the ceph-mon and ceph-mgr daemons do not properly restrict access, resulting in gaining access to unauthorized resources. low complexity linuxfoundation | 8.0 |
| 2020-06-19 | CVE-2020-10750 | Information Exposure Through Log Files vulnerability in Linuxfoundation Jaeger Sensitive information written to a log file vulnerability was found in jaegertracing/jaeger before version 1.18.1 when the Kafka data store is used. | 5.5 |
| 2020-06-11 | CVE-2020-11090 | Unspecified vulnerability in Linuxfoundation Indy-Node 1.12.2 In Indy Node 1.12.2, there is an Uncontrolled Resource Consumption vulnerability. | 7.5 |
| 2020-06-03 | CVE-2020-10749 | A vulnerability was found in all versions of containernetworking/plugins before version 0.8.6, that allows malicious containers in Kubernetes clusters to perform man-in-the-middle (MitM) attacks. | 6.0 |
| 2020-05-13 | CVE-2020-12831 | Incorrect Permission Assignment for Critical Resource vulnerability in Linuxfoundation Free Range Routing An issue was discovered in FRRouting FRR (aka Free Range Routing) through 7.3.1. | 5.3 |
| 2020-04-23 | CVE-2020-1760 | Cross-site Scripting vulnerability in multiple products A flaw was found in the Ceph Object Gateway, where it supports request sent by an anonymous user in Amazon S3. | 6.1 |
| 2020-04-22 | CVE-2020-12059 | NULL Pointer Dereference vulnerability in multiple products An issue was discovered in Ceph through 13.2.9. | 7.5 |
| 2020-04-21 | CVE-2020-1699 | Path Traversal vulnerability in multiple products A path traversal flaw was found in the Ceph dashboard implemented in upstream versions v14.2.5, v14.2.6, v15.0.0 of Ceph storage and has been fixed in versions 14.2.7 and 15.1.0. | 7.5 |
| 2020-04-13 | CVE-2020-1759 | A vulnerability was found in Red Hat Ceph Storage 4 and Red Hat Openshift Container Storage 4.2 where, A nonce reuse vulnerability was discovered in the secure mode of the messenger v2 protocol, which can allow an attacker to forge auth tags and potentially manipulate the data by leveraging the reuse of a nonce in a session. | 6.8 |
| 2020-03-20 | CVE-2019-19029 | SQL Injection vulnerability in multiple products Cloud Native Computing Foundation Harbor prior to 1.8.6 and 1.9.3 allows SQL Injection via user-groups in the VMware Harbor Container Registry for the Pivotal Platform. | 7.2 |