Vulnerabilities > Linuxfoundation > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-02-16 CVE-2023-25153 Allocation of Resources Without Limits or Throttling vulnerability in Linuxfoundation Containerd
containerd is an open source container runtime.
local
low complexity
linuxfoundation CWE-770
5.5
2023-02-14 CVE-2023-25571 Cross-site Scripting vulnerability in Linuxfoundation products
Backstage is an open platform for building developer portals.
network
low complexity
linuxfoundation CWE-79
5.4
2023-01-18 CVE-2021-4314 Improper Authentication vulnerability in Linuxfoundation Zowe API Mediation Layer
It is possible to manipulate the JWT token without the knowledge of the JWT secret and authenticate without valid JWT token as any user.
network
low complexity
linuxfoundation CWE-287
5.3
2023-01-04 CVE-2022-4875 Cross-site Scripting vulnerability in Linuxfoundation Fossology
A vulnerability has been found in fossology and classified as problematic.
network
low complexity
linuxfoundation CWE-79
6.1
2022-12-26 CVE-2019-19030 Unspecified vulnerability in Linuxfoundation Harbor
Cloud Native Computing Foundation Harbor before 1.10.3 and 2.x before 2.0.1 allows resource enumeration because unauthenticated API calls reveal (via the HTTP status code) whether a resource exists.
network
low complexity
linuxfoundation
5.3
2022-12-19 CVE-2022-23536 Unspecified vulnerability in Linuxfoundation Cortex 1.13.0/1.13.1/1.14.0
Cortex provides multi-tenant, long term storage for Prometheus.
network
low complexity
linuxfoundation
6.5
2022-12-07 CVE-2022-23471 Memory Leak vulnerability in Linuxfoundation Containerd
containerd is an open source container runtime.
network
low complexity
linuxfoundation CWE-401
6.5
2022-11-16 CVE-2022-39383 Server-Side Request Forgery (SSRF) vulnerability in Linuxfoundation Kubevela
KubeVela is an open source application delivery platform.
network
low complexity
linuxfoundation CWE-918
6.5
2022-10-07 CVE-2022-26475 Out-of-bounds Write vulnerability in multiple products
In wlan, there is a possible out of bounds write due to a missing bounds check.
local
low complexity
linuxfoundation google CWE-787
6.7
2022-10-07 CVE-2022-32590 Improper Check for Unusual or Exceptional Conditions vulnerability in multiple products
In wlan, there is a possible use after free due to an incorrect status check.
local
low complexity
linuxfoundation google CWE-754
6.7