Vulnerabilities > Redhat > Gluster Storage > 3.5
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-02-21 | CVE-2021-44142 | Out-of-bounds Write vulnerability in multiple products The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide "...enhanced compatibility with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver." Samba versions prior to 4.13.17, 4.14.12 and 4.15.5 with vfs_fruit configured allow out-of-bounds heap read and write via specially crafted extended file attributes. | 8.8 |
2022-02-18 | CVE-2016-2124 | Improper Authentication vulnerability in multiple products A flaw was found in the way samba implemented SMB1 authentication. | 5.9 |
2022-02-18 | CVE-2020-25717 | Improper Input Validation vulnerability in multiple products A flaw was found in the way Samba maps domain users to local users. | 8.1 |
2020-11-24 | CVE-2020-10763 | Information Exposure Through Log Files vulnerability in multiple products An information-disclosure flaw was found in the way Heketi before 10.1.0 logs sensitive information. | 5.5 |
2018-10-31 | CVE-2018-14654 | The Gluster file system through version 4.1.4 is vulnerable to abuse of the 'features/index' translator. | 6.5 |
2018-04-18 | CVE-2018-1088 | A privilege escalation flaw was found in gluster 3.x snapshot scheduler. | 8.1 |