from 0, < 5.1-1
from 0, < 3.5.2-2+deb8u5
HIGH8.8CVE-2018-14653The Gluster file system through versions 4.1.4 and 3.12 is vulnerable to a heap-based buffer overflow in the '__server_getspec' function vi… from 0, < 5.1-1
HIGH8.8A flaw was found in RPC request using gfs2_create_req in glusterfs server.
from 0, < 4.1.4-1
HIGH8.8A flaw was found in RPC request using gfs3_symlink_req in glusterfs server which allows symlink destinations to point to file paths outside…
from 0, < 4.1.4-1
HIGH8.8A flaw was found in RPC request using gfs3_mknod_req supported by glusterfs server.
from 0, < 4.1.4-1
HIGH8.8It was found that glusterfs server is vulnerable to multiple stack based buffer overflows due to functions in server-rpc-fopc.c allocating…
from 0, < 4.1.4-1
HIGH8.8glusterfs - security update
from 0, < 4.1.4-1
HIGH8.8glusterfs - security update
from 0, < 3.5.2-2+deb8u4
HIGH8.8glusterfs - security update
from 0, < 3.8.8-1+deb9u1
HIGH8.8glusterfs - security update
from 0, < 4.1.2-1
HIGH8.1A flaw was found in RPC request using gfs3_lookup_req in glusterfs server.
from 0, < 4.1.4-1
HIGH8.1It was found that the "mknod" call derived from mknod(2) can create files pointing to devices on a glusterfs server node.
from 0, < 4.1.4-1
HIGH8.1A privilege escalation flaw was found in gluster 3.x snapshot scheduler.
from 0, < 4.0.2-1
HIGH7.5In Gluster GlusterFS 11.0, there is an xlators/mount/fuse/src/fuse-bridge.c notify stack-based buffer over-read.
from 0
HIGH7.5In Gluster GlusterFS 11.0, there is an xlators/cluster/dht/src/dht-common.c dht_setxattr_mds_cbk use-after-free.
from 0
HIGH7.5A flaw was found in the way dic_unserialize function of glusterfs does not handle negative key length values.
from 0, < 4.1.4-1
MEDIUM6.5A flaw was found in glusterfs server through versions 4.1.4 and 3.1.2 which allowed repeated usage of GF_META_LOCK_KEY xattr.
from 0, < 5.1-1
MEDIUM6.5It was found that usage of snprintf function in feature/locks translator of glusterfs server 3.8.4, as shipped with Red Hat Gluster Storage…
from 0, < 5.1-1
MEDIUM6.5The Gluster file system through versions 4.1.4 and 3.1.2 is vulnerable to a denial of service attack via use of the 'GF_XATTR_IOSTATS_DUMP_…
from 0, < 5.1-1
MEDIUM6.5The Gluster file system through version 4.1.4 is vulnerable to abuse of the 'features/index' translator.
from 0, < 5.1-1
MEDIUM6.5The Gluster file system through versions 3.12 and 4.1.4 is vulnerable to a buffer overflow in the 'features/index' translator via the code…
from 0, < 5.0-1
MEDIUM6.5A flaw was found in RPC request using gfs3_rename_req in glusterfs server.
from 0, < 4.1.4-1
MEDIUM6.5It was discovered that fsync(2) system call in glusterfs client code leaks memory.
from 0, < 4.0.1-1
MEDIUM6.5It was found that an attacker could issue a xattr request via glusterfs FUSE to cause gluster brick process to crash which will result in a…
from 0, < 4.1.4-1
MEDIUM6.5An information disclosure vulnerability was discovered in glusterfs server.
from 0, < 4.1.4-1
LOW3.3A flaw was found in GlusterFS in versions prior to 3.10.
from 0, < 3.12.2-2
—The __socket_proto_state_machine function in GlusterFS 3.5 allows remote attackers to cause a denial of service (infinite loop) via a "0000…
from 0, < 3.5.2-2
—The GlusterFS functionality in Red Hat Storage Management Console 2.0, Native Client, and Server 2.0 allows local users to overwrite arbitr…
from 0, < 3.5.0-1
—GlusterFS 3.3.0, as used in Red Hat Storage server 2.0, allows local users to overwrite arbitrary files via a symlink attack on temporary f…
from 0, < 3.2.7-5