Vulnerabilities > Openzfs

DATE CVE VULNERABILITY TITLE RISK
2023-11-24 CVE-2023-49298 Authorization Bypass Through User-Controlled Key vulnerability in Openzfs
OpenZFS through 2.1.13 and 2.2.x through 2.2.1, in certain scenarios involving applications that try to rely on efficient copying of file data, can replace file contents with zero-valued bytes and thus potentially disable security mechanisms.
network
low complexity
openzfs CWE-639
7.5
2021-02-12 CVE-2013-20001 Unspecified vulnerability in Openzfs
An issue was discovered in OpenZFS through 2.0.3.
network
low complexity
openzfs
7.5
2020-08-27 CVE-2020-24717 Incorrect Default Permissions vulnerability in Openzfs
OpenZFS before 2.0.0-rc1, when used on FreeBSD, misinterprets group permissions as user permissions, as demonstrated by mode 0770 being equivalent to mode 0777.
local
low complexity
openzfs CWE-276
7.2
2020-08-27 CVE-2020-24716 Incorrect Permission Assignment for Critical Resource vulnerability in Openzfs
OpenZFS before 2.0.0-rc1, when used on FreeBSD, allows execute permissions for all directories.
local
low complexity
openzfs CWE-732
4.6