Vulnerabilities > Linuxfoundation > Medium

DATE CVE VULNERABILITY TITLE RISK
2020-06-03 CVE-2020-10749 A vulnerability was found in all versions of containernetworking/plugins before version 0.8.6, that allows malicious containers in Kubernetes clusters to perform man-in-the-middle (MitM) attacks.
network
high complexity
linuxfoundation redhat fedoraproject
6.0
2020-05-13 CVE-2020-12831 Incorrect Permission Assignment for Critical Resource vulnerability in Linuxfoundation Free Range Routing
An issue was discovered in FRRouting FRR (aka Free Range Routing) through 7.3.1.
network
low complexity
linuxfoundation CWE-732
5.3
2020-04-23 CVE-2020-1760 Cross-site Scripting vulnerability in multiple products
A flaw was found in the Ceph Object Gateway, where it supports request sent by an anonymous user in Amazon S3.
6.1
2020-04-13 CVE-2020-1759 A vulnerability was found in Red Hat Ceph Storage 4 and Red Hat Openshift Container Storage 4.2 where, A nonce reuse vulnerability was discovered in the secure mode of the messenger v2 protocol, which can allow an attacker to forge auth tags and potentially manipulate the data by leveraging the reuse of a nonce in a session.
network
high complexity
redhat linuxfoundation fedoraproject
6.8
2020-03-20 CVE-2019-19026 SQL Injection vulnerability in multiple products
Cloud Native Computing Foundation Harbor prior to 1.8.6 and 1.9.3 allows SQL Injection via project quotas in the VMware Harbor Container Registry for the Pivotal Platform.
network
low complexity
linuxfoundation pivotal CWE-89
4.9
2020-02-13 CVE-2019-10785 Cross-site Scripting vulnerability in multiple products
dojox is vulnerable to Cross-site Scripting in all versions before version 1.16.1, 1.15.2, 1.14.5, 1.13.6, 1.12.7 and 1.11.9.
network
low complexity
linuxfoundation debian CWE-79
6.1
2020-01-14 CVE-2020-6173 Resource Exhaustion vulnerability in Linuxfoundation the Update Framework
TUF (aka The Update Framework) 0.7.2 through 0.12.1 allows Uncontrolled Resource Consumption.
network
low complexity
linuxfoundation CWE-400
5.3
2019-12-03 CVE-2019-3990 Improper Privilege Management vulnerability in Linuxfoundation Harbor
A User Enumeration flaw exists in Harbor.
network
low complexity
linuxfoundation CWE-269
4.3
2019-11-19 CVE-2011-2924 Link Following vulnerability in multiple products
foomatic-rip filter v4.0.12 and prior used insecurely creates temporary files for storage of PostScript data by rendering the data when the debug mode was enabled.
5.5
2019-11-19 CVE-2011-2923 Link Following vulnerability in multiple products
foomatic-rip filter, all versions, used insecurely creates temporary files for storage of PostScript data by rendering the data when the debug mode was enabled.
local
low complexity
linuxfoundation debian CWE-59
5.5