Vulnerabilities > Linuxfoundation > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-26 | CVE-2023-33199 | Reachable Assertion vulnerability in Linuxfoundation Rekor Rekor's goals are to provide an immutable tamper resistant ledger of metadata generated within a software projects supply chain. | 5.3 |
| 2023-05-11 | CVE-2023-29195 | Unspecified vulnerability in Linuxfoundation Vitess Vitess is a database clustering system for horizontal scaling of MySQL through generalized sharding. | 4.3 |
| 2023-04-26 | CVE-2023-30841 | Cleartext Transmission of Sensitive Information vulnerability in Linuxfoundation Baremetal Operator Baremetal Operator (BMO) is a bare metal host provisioning integration for Kubernetes. | 5.5 |
| 2023-04-24 | CVE-2023-2250 | Unspecified vulnerability in Linuxfoundation Open Cluster Management A flaw was found in the Open Cluster Management (OCM) when a user have access to the worker nodes which has the cluster-manager-registration-controller or cluster-manager deployments. | 6.7 |
| 2023-04-12 | CVE-2023-30512 | Incorrect Permission Assignment for Critical Resource vulnerability in Linuxfoundation Cubefs CubeFS through 3.2.1 allows Kubernetes cluster-level privilege escalation. | 6.5 |
| 2023-03-29 | CVE-2023-25809 | Improper Preservation of Permissions vulnerability in Linuxfoundation Runc runc is a CLI tool for spawning and running containers according to the OCI specification. | 6.3 |
| 2023-02-16 | CVE-2023-25153 | Allocation of Resources Without Limits or Throttling vulnerability in Linuxfoundation Containerd containerd is an open source container runtime. | 5.5 |
| 2023-02-14 | CVE-2023-25571 | Cross-site Scripting vulnerability in Linuxfoundation products Backstage is an open platform for building developer portals. | 5.4 |
| 2023-01-18 | CVE-2021-4314 | Improper Authentication vulnerability in Linuxfoundation Zowe API Mediation Layer It is possible to manipulate the JWT token without the knowledge of the JWT secret and authenticate without valid JWT token as any user. | 5.3 |
| 2023-01-04 | CVE-2022-4875 | Cross-site Scripting vulnerability in Linuxfoundation Fossology A vulnerability has been found in fossology and classified as problematic. | 6.1 |