Linuxfoundation Cortex — known CVE vulnerabilities
Every CVE whose affected-product data names Linuxfoundation Cortex, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2022-23536 — CVSS 6.5 (medium): Cortex provides multi-tenant, long term storage for Prometheus. A local file inclusion vulnerability exists in Cortex versions 1.13.0…
CVE-2021-31232 — CVSS 5.5 (medium): The Alertmanager in CNCF Cortex before 1.8.1 has a local file disclosure vulnerability when -experimental.alertmanager.enable-api is used…
CVE-2021-36157 — CVSS 5.3 (medium): An issue was discovered in Grafana Cortex through 1.9.0. The header value X-Scope-OrgID is used to construct file paths for rules files…