Gluster Storage
Sign in to watchby Red Hat
Source repositories
CVEs (6)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2014-0160 | Hig | 0.71 | 7.5 | 0.94 | KEV | Apr 7, 2014 | The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug. |
| CVE-2011-3045 | Hig | 0.58 | 8.8 | 0.04 | Mar 22, 2012 | Integer signedness error in the png_inflate function in pngrutil.c in libpng before 1.4.10beta01, as used in Google Chrome before 17.0.963.83 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file, a different vulnerability than CVE-2011-3026. | |
| CVE-2015-1795 | Hig | 0.51 | 7.8 | 0.00 | Jun 27, 2017 | Red Hat Gluster Storage RPM Package 3.2 allows local users to gain privileges and execute arbitrary code as root. | |
| CVE-2017-15087 | Hig | 0.49 | 7.5 | 0.00 | Nov 8, 2017 | It was discovered that the fix for CVE-2017-12163 was not properly shipped in erratum RHSA-2017:2858 for Red Hat Gluster Storage 3.3 for RHEL 6. | |
| CVE-2017-15086 | Hig | 0.48 | 7.4 | 0.00 | Nov 8, 2017 | It was discovered that the fix for CVE-2017-12151 was not properly shipped in erratum RHSA-2017:2858 for Red Hat Gluster Storage 3.3 for RHEL 6. | |
| CVE-2015-5242 | 0.00 | — | 0.01 | Nov 25, 2015 | OpenStack Swift-on-File (aka Swiftonfile) does not properly restrict use of the pickle Python module when loading metadata, which allows remote authenticated users to execute arbitrary code via a crafted extended attribute (xattrs). |