linuxfoundation
550 tracked vulnerabilities.
CVE-2023-25809
MEDIUM
runc < 1.1.5 - Unauthenticated Permission Overwrite in /sys/fs/cgroup
Mar 29, 2023
CVSS 5.0
EPSS 0.00
CVE-2023-27561
HIGH
runc < 1.1.5 - Privilege Escalation via Custom Volume-Mount Configurations
Mar 03, 2023
CVSS 7.0
EPSS 0.00
CVE-2023-25173
MEDIUM
containerd < 1.5.18 - Incorrect Authorization via Supplementary Group Handling
Feb 16, 2023
CVSS 5.3
EPSS 0.01
CVE-2023-25153
MEDIUM
containerd < 1.5.18 - Denial of Service via OCI Image Import
Feb 16, 2023
CVSS 6.2
EPSS 0.00
CVE-2023-25571
MEDIUM
Linuxfoundation Backstage Catalog-model < 1.2.0 - XSS
Feb 14, 2023
CVSS 6.8
EPSS 0.00
CVE-2023-25151
HIGH
opentelemetry-go-contrib 0.38.0-0.38.9 - Denial of Service via Query String Cardinality Exhaustion
Feb 08, 2023
CVSS 7.5
EPSS 0.01
CVE-2022-31671
HIGH
Harbor 2.0.0-2.4.2 and 1.0.0-1.10.12 - Authenticated Improper Authorization via P2P Preheat Execution Logs
Nov 14, 2024
CVSS 7.4
EPSS 0.01
CVE-2022-31670
HIGH
Harbor 1.0.0-1.10.12 - Authenticated Tag Retention Policy Modification via Permission Bypass
Nov 14, 2024
CVSS 7.7
EPSS 0.01
CVE-2022-31669
MEDIUM
Harbor 2.0.0-2.4.2 and 1.0.0-1.10.12 - Authenticated Improper Authorization in Tag Immutability Policy Update
Nov 14, 2024
CVSS 6.4
EPSS 0.00
CVE-2022-31668
HIGH
Harbor 2.0.0-2.4.2 - Authenticated Improper Authorization in P2P Preheat Policy Update
Nov 14, 2024
CVSS 7.4
EPSS 0.00
CVE-2022-31667
MEDIUM
Harbor 1.0.0-1.10.12 and 2.0.0-2.4.2 - Authenticated Improper Authorization via Robot Account Update
Nov 14, 2024
CVSS 6.4
EPSS 0.00
CVE-2022-31666
HIGH
Harbor 2.0.0-2.4.2 and 1.0.0-1.10.12 - Missing Authorization for Webhook Policy Management
Nov 14, 2024
CVSS 7.7
EPSS 0.00
CVE-2022-28357
CRITICAL
NATS nats-server <2.7.4 - Path Traversal
Sep 19, 2023
CVSS 9.8
EPSS 0.01
CVE-2022-32666
HIGH
Linuxfoundation Yocto - Denial of Service
Jul 04, 2023
CVSS 7.5
EPSS 0.01
CVE-2022-41354
MEDIUM
Argo CD < 2.4.28 and 2.5.0-2.5.16 - Unauthenticated Application Enumeration
Mar 27, 2023
CVSS 4.3
EPSS 0.01
CVE-2022-48363
HIGH
Automotive Grade Linux < 0.23.8 - Reachable Assertion via PipeWire Output Plugin
Feb 26, 2023
CVSS 7.5
EPSS 0.01
CVE-2022-25882
HIGH
ONNX < 1.13.0 - Path Traversal via Tensor Proto External Data Field
Jan 26, 2023
CVSS 7.5
EPSS 0.02
CVE-2022-46463
HIGH
Harbor 1.1.0-2.5.3 - Unauthenticated Access to Image Repositories
Jan 13, 2023
CVSS 7.5
EPSS 0.06
CVE-2022-4875
LOW
Fossology < 2023-01-02 - Cross-Site Scripting via sql/VarValue Argument
Jan 04, 2023
CVSS 2.4
EPSS 0.01
CVE-2022-23506
MEDIUM
Spinnaker Rosco < 1.27.3 - Sensitive Information Exposure in Packer Log Files
Jan 03, 2023
CVSS 4.3
EPSS 0.01
CVE-2022-23536
MEDIUM
Cortex <1.14.0 - Local File Inclusion
Dec 19, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-23471
MEDIUM
containerd < 1.5.16 - Memory Leak via CRI Stream Server Goroutine
Dec 07, 2022
CVSS 5.7
EPSS 0.01
CVE-2022-46770
HIGH
Mirage Firewall 0.8.0-0.8.3 - Denial of Service via Crafted Multicast UDP Packet
Dec 07, 2022
CVSS 7.5
EPSS 0.21
CVE-2022-45932
HIGH
OpenDaylight < 0.16.5 - SQL Injection via Role Deletion API
Nov 27, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-45931
HIGH
OpenDaylight < 0.16.5 - SQL Injection via User Deletion API
Nov 27, 2022
CVSS 7.5
EPSS 0.01
Products
yocto 114
nats-server 36
pytorch 31
everest 29
harbor 23
containerd 22
magma 22
runc 17
iot-yocto 15
cups-filters 14
backstage 13
dragonfly 13
onnx 11
open_network_operating_system 11
ceph 8
kubeedge 8
spinnaker 8
tekton_pipelines 8
automotive_grade_linux 6
cubefs 6
edge_virtualization_engine 5
foomatic-filters 5
osquery 5
dex 4
grpc_swift 4
indy-node 4
materialx 4
opendaylight 4
opentelemetry_instrumentation_for_java 4
rekor 4
Quick Filters