Vulnerabilities > Openafs > Openafs > 1.8.2

DATE CVE VULNERABILITY TITLE RISK
2019-10-29 CVE-2019-18603 Use of Uninitialized Resource vulnerability in multiple products
OpenAFS before 1.6.24 and 1.8.x before 1.8.5 is prone to information leakage upon certain error conditions because uninitialized RPC output variables are sent over the network to a peer.
network
high complexity
openafs debian CWE-908
5.9
5.9
2019-10-29 CVE-2019-18602 Use of Uninitialized Resource vulnerability in multiple products
OpenAFS before 1.6.24 and 1.8.x before 1.8.5 is prone to an information disclosure vulnerability because uninitialized scalars are sent over the network to a peer.
network
low complexity
openafs debian CWE-908
7.5
7.5
2019-10-29 CVE-2019-18601 Deserialization of Untrusted Data vulnerability in Openafs
OpenAFS before 1.6.24 and 1.8.x before 1.8.5 is prone to denial of service from unserialized data access because remote attackers can make a series of VOTE_Debug RPC calls to crash a database server within the SVOTE_Debug RPC handler.
network
low complexity
openafs CWE-502
7.5
7.5