Vulnerabilities > Linuxfoundation > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-05-11 CVE-2023-29195 Unspecified vulnerability in Linuxfoundation Vitess
Vitess is a database clustering system for horizontal scaling of MySQL through generalized sharding.
network
low complexity
linuxfoundation
4.3
4.3
2023-04-26 CVE-2023-30841 Cleartext Transmission of Sensitive Information vulnerability in Linuxfoundation Baremetal Operator
Baremetal Operator (BMO) is a bare metal host provisioning integration for Kubernetes.
local
low complexity
linuxfoundation CWE-319
5.5
5.5
2023-04-24 CVE-2023-2250 Unspecified vulnerability in Linuxfoundation Open Cluster Management
A flaw was found in the Open Cluster Management (OCM) when a user have access to the worker nodes which has the cluster-manager-registration-controller or cluster-manager deployments.
local
low complexity
linuxfoundation
6.7
6.7
2023-04-12 CVE-2023-30512 Incorrect Permission Assignment for Critical Resource vulnerability in Linuxfoundation Cubefs
CubeFS through 3.2.1 allows Kubernetes cluster-level privilege escalation.
network
low complexity
linuxfoundation CWE-732
6.5
6.5
2023-03-29 CVE-2023-25809 Unspecified vulnerability in Linuxfoundation Runc
runc is a CLI tool for spawning and running containers according to the OCI specification.
local
low complexity
linuxfoundation
6.3
6.3
2023-03-27 CVE-2022-41354 Information Exposure Through Discrepancy vulnerability in Linuxfoundation Argo-Cd
An access control issue in Argo CD v2.4.12 and below allows unauthenticated attackers to enumerate existing applications.
network
low complexity
linuxfoundation CWE-203
4.3
4.3
2023-02-16 CVE-2023-25153 Allocation of Resources Without Limits or Throttling vulnerability in Linuxfoundation Containerd
containerd is an open source container runtime.
local
low complexity
linuxfoundation CWE-770
5.5
5.5
2023-02-14 CVE-2023-25571 Cross-site Scripting vulnerability in Linuxfoundation products
Backstage is an open platform for building developer portals.
network
low complexity
linuxfoundation CWE-79
5.4
5.4
2023-01-18 CVE-2021-4314 Improper Authentication vulnerability in Linuxfoundation Zowe API Mediation Layer
It is possible to manipulate the JWT token without the knowledge of the JWT secret and authenticate without valid JWT token as any user.
network
low complexity
linuxfoundation CWE-287
5.3
5.3
2023-01-04 CVE-2022-4875 Cross-site Scripting vulnerability in Linuxfoundation Fossology
A vulnerability has been found in fossology and classified as problematic.
network
low complexity
linuxfoundation CWE-79
6.1
6.1