linuxfoundation

523 tracked vulnerabilities.

CVE-2022-29162 MEDIUM
runc < 1.1.2 - Incorrect Default Permissions via Inheritable Capabilities
May 17, 2022
CVSS 5.9
EPSS 0.00
CVE-2022-24778 HIGH
imgcrypt < 1.1.4 - Incorrect Authorization via ManifestList Architecture Handling
Mar 25, 2022
CVSS 7.5
EPSS 0.00
CVE-2022-24777 HIGH
grpc-swift < 1.7.2 - Denial of Service via GOAWAY Frame Handling
Mar 25, 2022
CVSS 7.5
EPSS 0.00
CVE-2022-24769 MEDIUM
Moby <20.10.14 - Privilege Escalation
Mar 24, 2022
CVSS 5.9
EPSS 0.00
CVE-2022-26652 MEDIUM
NATS nats-server <2.7.4 - Path Traversal
Mar 10, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-23648 HIGH
containerd < 1.4.12 - Unauthorized File Access via CRI Image Configuration
Mar 03, 2022
CVSS 7.5
EPSS 0.06
CVE-2022-24450 HIGH
NATS nats-server <2.7.2 - Privilege Escalation
Feb 08, 2022
CVSS 8.8
EPSS 0.01
CVE-2021-4326 LOW
Imperative framework - Command Injection
Mar 01, 2023
CVSS 3.3
EPSS 0.00
CVE-2021-32163 CRITICAL
Linuxfoundation Modular Open Smart Network - Incorrect Authorization
Feb 17, 2023
CVSS 9.8
EPSS 0.00
CVE-2021-4314 MEDIUM
Zowe API Mediation Layer 1.16.0-1.18.9 - Improper Privilege Management via JWT Token Manipulation
Jan 18, 2023
CVSS 5.3
EPSS 0.00
CVE-2021-43816 HIGH
containerd <1.5.0-beta.0 - Info Disclosure
Jan 05, 2022
CVSS 8.0
EPSS 0.00
CVE-2021-43832 CRITICAL
Spinnaker < 1.25.8 - Unauthenticated Pipeline Creation and Execution
Jan 04, 2022
CVSS 10.0
EPSS 0.02
CVE-2021-39143 MEDIUM
Spinnaker < 1.24.7 - Path Traversal via TAR File Extraction in AppEngine Deployments
Jan 04, 2022
CVSS 6.6
EPSS 0.00
CVE-2021-45702 HIGH
tremor-script <0.11.6 - Use After Free
Dec 27, 2021
CVSS 7.5
EPSS 0.00
CVE-2021-45701 CRITICAL
tremor-script <0.11.6 - Use After Free
Dec 27, 2021
CVSS 9.8
EPSS 0.00
CVE-2021-23450 HIGH
dojo < 1.17.0 - Prototype Pollution via setObject Function
Dec 17, 2021
CVSS 7.5
EPSS 0.02
CVE-2021-36780 HIGH
Longhorn < 1.1.3 - Unauthenticated Critical Function Access via Replica Instance
Dec 17, 2021
CVSS 8.1
EPSS 0.00
CVE-2021-36779 CRITICAL
Longhorn < 1.1.3 - Unauthenticated Arbitrary Binary Execution
Dec 17, 2021
CVSS 9.6
EPSS 0.00
CVE-2021-41272 HIGH
Besu 21.10.0-21.10.1 - Incorrect Conversion between Numeric Types in SHL/SHR/SAR Operations
Dec 13, 2021
CVSS 7.5
EPSS 0.00
CVE-2021-43784 MEDIUM
runc < 1.0.3 - Namespace Bypass via Netlink Integer Overflow
Dec 06, 2021
CVSS 6.0
EPSS 0.00
CVE-2021-43783 HIGH
@backstage/plugin-scaffolder-backend - Path Traversal
Nov 29, 2021
CVSS 8.5
EPSS 0.00
CVE-2021-43776 HIGH
Backstage auth-backend < 0.4.9 - Cross-Site Scripting via Malicious URL
Nov 26, 2021
CVSS 7.4
EPSS 0.00
CVE-2021-43669 HIGH
Hyperledger Fabric 1.4.0, 2.0.0, 2.0.1, 2.3.0 - Denial of Service via Invalid Order Header
Nov 18, 2021
CVSS 7.5
EPSS 0.00
CVE-2021-43667 HIGH
HyperLedger Fabric <2.1.0 - Use After Free
Nov 18, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-41190 LOW
OCI Distribution Spec <1.0.0 - Info Disclosure
Nov 17, 2021
CVSS 3.0
EPSS 0.00
Products
yocto 114 pytorch 31 everest 29 nats-server 24 harbor 23 magma 22 containerd 16 runc 16 iot-yocto 15 cups-filters 14 backstage 13 dragonfly 13 open_network_operating_system 11 onnx 10 ceph 8 kubeedge 8 spinnaker 8 tekton_pipelines 8 automotive_grade_linux 6 cubefs 6 edge_virtualization_engine 5 foomatic-filters 5 osquery 5 dex 4 grpc_swift 4 indy-node 4 materialx 4 opendaylight 4 rekor 4 the_update_framework 4
Quick Filters
Critical CVEs With Exploits In CISA KEV