Vulnerabilities > Redhat > Gluster Storage > 2.1

DATE CVE VULNERABILITY TITLE RISK
2018-10-31 CVE-2018-14654 The Gluster file system through version 4.1.4 is vulnerable to abuse of the 'features/index' translator.
network
low complexity
redhat debian
6.5
2018-09-11 CVE-2018-1127 Session Fixation vulnerability in Redhat Gluster Storage
Tendrl API in Red Hat Gluster Storage before 3.4.0 does not immediately remove session tokens after a user logs out.
network
high complexity
redhat CWE-384
8.1
2014-04-07 CVE-2014-0160 Out-of-bounds Read vulnerability in multiple products
The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.
7.5