Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Glusterfs
(Gluster)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 23 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2018-04-25 | CVE-2018-1112 | glusterfs server before versions 3.10.12, 4.0.2 is vulnerable when using 'auth.allow' option which allows any unauthenticated gluster client to connect from any network to mount gluster storage volumes. NOTE: this vulnerability exists because of a CVE-2018-1088 regression. | Glusterfs | 8.8 | ||
2018-09-04 | CVE-2018-10924 | It was discovered that fsync(2) system call in glusterfs client code leaks memory. An authenticated attacker could use this flaw to launch a denial of service attack by making gluster clients consume memory of the host machine. | Glusterfs | 6.5 |