Vulnerabilities > Linuxfoundation > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-04-13 | CVE-2020-1759 | Reusing a Nonce, Key Pair in Encryption vulnerability in multiple products A vulnerability was found in Red Hat Ceph Storage 4 and Red Hat Openshift Container Storage 4.2 where, A nonce reuse vulnerability was discovered in the secure mode of the messenger v2 protocol, which can allow an attacker to forge auth tags and potentially manipulate the data by leveraging the reuse of a nonce in a session. | 6.8 |
| 2020-03-20 | CVE-2019-19029 | SQL Injection vulnerability in multiple products Cloud Native Computing Foundation Harbor prior to 1.8.6 and 1.9.3 allows SQL Injection via user-groups in the VMware Harbor Container Registry for the Pivotal Platform. | 6.5 |
| 2020-03-20 | CVE-2019-19026 | SQL Injection vulnerability in multiple products Cloud Native Computing Foundation Harbor prior to 1.8.6 and 1.9.3 allows SQL Injection via project quotas in the VMware Harbor Container Registry for the Pivotal Platform. | 4.0 |
| 2020-03-20 | CVE-2019-19025 | Cross-Site Request Forgery (CSRF) vulnerability in multiple products Cloud Native Computing Foundation Harbor prior to 1.8.6 and 1.9.3 allows CSRF in the VMware Harbor Container Registry for the Pivotal Platform. | 6.8 |
| 2020-03-20 | CVE-2019-19023 | Cloud Native Computing Foundation Harbor prior to 1.8.6 and 1.9.3 has a Privilege Escalation Vulnerability in the VMware Harbor Container Registry for the Pivotal Platform. | 6.5 |
| 2020-03-13 | CVE-2020-1887 | Improper Certificate Validation vulnerability in Linuxfoundation Osquery Incorrect validation of the TLS SNI hostname in osquery versions after 2.9.0 and before 4.2.0 could allow an attacker to MITM osquery traffic in the absence of a configured root chain of trust. | 5.8 |
| 2020-03-10 | CVE-2020-5259 | Injection vulnerability in Linuxfoundation Dojox In affected versions of dojox (NPM package), the jqMix method is vulnerable to Prototype Pollution. | 5.0 |
| 2020-02-20 | CVE-2019-16302 | Improper Handling of Exceptional Conditions vulnerability in Linuxfoundation Open Network Operating System 1.14.0 An issue was discovered in Open Network Operating System (ONOS) 1.14. | 5.0 |
| 2020-02-20 | CVE-2019-16301 | Improper Handling of Exceptional Conditions vulnerability in Linuxfoundation Open Network Operating System 1.14.0 An issue was discovered in Open Network Operating System (ONOS) 1.14. | 5.0 |
| 2020-02-20 | CVE-2019-16300 | Improper Handling of Exceptional Conditions vulnerability in Linuxfoundation Open Network Operating System 1.14.0 An issue was discovered in Open Network Operating System (ONOS) 1.14. | 5.0 |