Vulnerabilities > Linuxfoundation > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-14 | CVE-2023-29018 | Unspecified vulnerability in Linuxfoundation Openfeature The OpenFeature Operator allows users to expose feature flags to applications. | 8.8 |
| 2023-03-29 | CVE-2023-28642 | Link Following vulnerability in Linuxfoundation Runc runc is a CLI tool for spawning and running containers according to the OCI specification. | 7.8 |
| 2023-03-03 | CVE-2023-27561 | Use of Incorrectly-Resolved Name or Reference vulnerability in multiple products runc through 1.1.4 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. | 7.0 |
| 2023-03-01 | CVE-2021-4326 | Unspecified vulnerability in Linuxfoundation Zowe 1.16.0/2.0.0 A vulnerability in Imperative framework which allows already-privileged local actors to execute arbitrary shell commands via plugin install/update commands, or maliciously formed environment variables. | 7.8 |
| 2023-02-26 | CVE-2022-48363 | Reachable Assertion vulnerability in Linuxfoundation Automotive Grade Linux In MPD before 0.23.8, as used on Automotive Grade Linux and other platforms, the PipeWire output plugin mishandles a Drain call in certain situations involving truncated files. | 7.5 |
| 2023-02-16 | CVE-2023-25173 | Incorrect Authorization vulnerability in Linuxfoundation Containerd containerd is an open source container runtime. | 7.8 |
| 2023-02-08 | CVE-2023-25151 | Resource Exhaustion vulnerability in Linuxfoundation Opentelemetry-Go Contrib 0.38.0 opentelemetry-go-contrib is a collection of extensions for OpenTelemetry-Go. | 7.5 |
| 2023-01-26 | CVE-2022-25882 | Path Traversal vulnerability in Linuxfoundation Onnx Versions of the package onnx before 1.13.0 are vulnerable to Directory Traversal as the external_data field of the tensor proto can have a path to the file which is outside the model current directory or user-provided directory, for example "../../../etc/passwd" | 7.5 |
| 2023-01-13 | CVE-2022-46463 | Missing Authentication for Critical Function vulnerability in Linuxfoundation Harbor An access control issue in Harbor v1.X.X to v2.5.3 allows attackers to access public and private image repositories without authentication. | 7.5 |
| 2023-01-03 | CVE-2022-23506 | Information Exposure Through Log Files vulnerability in Linuxfoundation Spinnaker Spinnaker is an open source, multi-cloud continuous delivery platform for releasing software changes, and Spinnaker's Rosco microservice produces machine images. | 7.5 |