| 2021-03-10 | CVE-2021-21334 | In containerd (an industry-standard container runtime) before versions 1.3.10 and 1.4.4, containers launched through containerd's CRI implementation (through Kubernetes, crictl, or any other pod/container client that uses the containerd CRI service) that share the same image may receive incorrect environment variables, including values that are defined for other containers. | 6.3 |
| 2021-03-09 | CVE-2021-21369 | Unspecified vulnerability in Linuxfoundation Besu
Hyperledger Besu is an open-source, MainNet compatible, Ethereum client written in Java. | 6.5 |
| 2021-02-02 | CVE-2020-29662 | Cleartext Transmission of Sensitive Information vulnerability in Linuxfoundation Harbor
In Harbor 2.0 before 2.0.5 and 2.1.x before 2.1.2 the catalog’s registry API is exposed on an unauthenticated path. | 5.3 |
| 2020-12-16 | CVE-2020-26273 | Command Injection vulnerability in Linuxfoundation Osquery
osquery is a SQL powered operating system instrumentation, monitoring, and analytics framework. | 5.2 |
| 2020-12-01 | CVE-2020-15257 | containerd is an industry-standard container runtime and is available as a daemon for Linux and Windows. | 5.2 |
| 2020-10-16 | CVE-2020-15157 | Insufficiently Protected Credentials vulnerability in multiple products
In containerd (an industry-standard container runtime) before version 1.2.14 there is a credential leaking vulnerability. | 6.1 |
| 2020-09-30 | CVE-2020-13794 | Missing Authorization vulnerability in Linuxfoundation Harbor
Harbor 1.9.* 1.10.* and 2.0.* allows Exposure of Sensitive Information to an Unauthorized Actor. | 4.3 |
| 2020-07-15 | CVE-2020-13788 | Server-Side Request Forgery (SSRF) vulnerability in Linuxfoundation Harbor
Harbor prior to 2.0.1 allows SSRF with this limitation: an attacker with the ability to edit projects can scan ports of hosts accessible on the Harbor server's intranet. | 4.3 |
| 2020-06-26 | CVE-2020-10753 | Injection vulnerability in multiple products
A flaw was found in the Red Hat Ceph Storage RadosGW (Ceph Object Gateway). | 6.5 |
| 2020-06-19 | CVE-2020-10750 | Information Exposure Through Log Files vulnerability in Linuxfoundation Jaeger
Sensitive information written to a log file vulnerability was found in jaegertracing/jaeger before version 1.18.1 when the Kafka data store is used. | 5.5 |