Vulnerabilities > Redhat > Gluster Storage

DATE CVE VULNERABILITY TITLE RISK
2018-10-08 CVE-2018-1000808 Improper Resource Shutdown or Release vulnerability in multiple products
Python Cryptographic Authority pyopenssl version Before 17.5.0 contains a CWE - 401 : Failure to Release Memory Before Removing Last Reference vulnerability in PKCS #12 Store that can result in Denial of service if memory runs low or is exhausted.
network
high complexity
pyopenssl-project canonical redhat CWE-404
5.9
2018-09-11 CVE-2018-1127 Session Fixation vulnerability in Redhat Gluster Storage
Tendrl API in Red Hat Gluster Storage before 3.4.0 does not immediately remove session tokens after a user logs out.
network
high complexity
redhat CWE-384
8.1
2018-09-04 CVE-2018-10928 A flaw was found in RPC request using gfs3_symlink_req in glusterfs server which allows symlink destinations to point to file paths outside of the gluster volume.
network
low complexity
redhat debian gluster opensuse
8.8
2018-07-26 CVE-2017-12150 It was found that samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8 did not enforce "SMB signing" when certain configuration options were enabled.
network
high complexity
samba redhat debian
7.4
2018-07-26 CVE-2017-12163 An information leak flaw was found in the way SMB1 protocol was implemented by Samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8.
low complexity
samba redhat debian
7.1
2018-07-19 CVE-2017-7481 Ansible before versions 2.3.1.0 and 2.4.0.0 fails to properly mark lookup-plugin results as unsafe.
network
low complexity
redhat canonical debian
critical
9.8
2018-07-13 CVE-2018-10875 Untrusted Search Path vulnerability in multiple products
A flaw was found in ansible.
local
low complexity
redhat debian suse canonical CWE-426
7.8
2018-04-18 CVE-2018-1088 A privilege escalation flaw was found in gluster 3.x snapshot scheduler.
network
high complexity
redhat opensuse debian
8.1
2017-11-08 CVE-2017-15087 Unspecified vulnerability in Redhat Gluster Storage 3.3
It was discovered that the fix for CVE-2017-12163 was not properly shipped in erratum RHSA-2017:2858 for Red Hat Gluster Storage 3.3 for RHEL 6.
network
low complexity
redhat
7.5
2017-11-08 CVE-2017-15086 Unspecified vulnerability in Redhat Gluster Storage 3.3
It was discovered that the fix for CVE-2017-12151 was not properly shipped in erratum RHSA-2017:2858 for Red Hat Gluster Storage 3.3 for RHEL 6.
network
high complexity
redhat
7.4