Vulnerabilities > Redhat > Gluster Storage > 3.5

DATE CVE VULNERABILITY TITLE RISK
2022-02-21 CVE-2021-44142 Out-of-bounds Write vulnerability in multiple products
The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide "...enhanced compatibility with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver." Samba versions prior to 4.13.17, 4.14.12 and 4.15.5 with vfs_fruit configured allow out-of-bounds heap read and write via specially crafted extended file attributes.
8.8
2022-02-18 CVE-2016-2124 Improper Authentication vulnerability in multiple products
A flaw was found in the way samba implemented SMB1 authentication.
network
high complexity
samba debian fedoraproject redhat canonical CWE-287
5.9
2022-02-18 CVE-2020-25717 Improper Input Validation vulnerability in multiple products
A flaw was found in the way Samba maps domain users to local users.
network
low complexity
samba debian fedoraproject redhat canonical CWE-20
8.1
2020-11-24 CVE-2020-10763 Information Exposure Through Log Files vulnerability in multiple products
An information-disclosure flaw was found in the way Heketi before 10.1.0 logs sensitive information.
local
low complexity
heketi-project redhat CWE-532
2.1
2018-10-31 CVE-2018-14654 Path Traversal vulnerability in multiple products
The Gluster file system through version 4.1.4 is vulnerable to abuse of the 'features/index' translator.
network
low complexity
redhat debian CWE-22
6.5
2018-04-18 CVE-2018-1088 Incorrect Privilege Assignment vulnerability in multiple products
A privilege escalation flaw was found in gluster 3.x snapshot scheduler.
network
high complexity
redhat opensuse debian CWE-266
8.1