Linuxfoundation Cubefs — known CVE vulnerabilities
Every CVE whose affected-product data names Linuxfoundation Cubefs, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2023-30512 — CVSS 6.5 (medium): CubeFS through 3.2.1 allows Kubernetes cluster-level privilege escalation. This occurs because DaemonSet has cfs-csi-cluster-role and can…
CVE-2023-46738 — CVSS 6.5 (medium): CubeFS is an open-source cloud-native file storage system. A security vulnerability was found in CubeFS HandlerNode in versions prior to…
CVE-2023-46739 — CVSS 6.5 (medium): CubeFS is an open-source cloud-native file storage system. A vulnerability was found during in the CubeFS master component in versions…
CVE-2023-46740 — CVSS 6.5 (medium): CubeFS is an open-source cloud-native file storage system. Prior to version 3.3.1, CubeFS used an insecure random string generator to…
CVE-2023-46741 — CVSS 4.8 (medium): CubeFS is an open-source cloud-native file storage system. A vulnerability was found in CubeFS prior to version 3.3.1 that could allow…
CVE-2023-46742 — CVSS 4.8 (medium): CubeFS is an open-source cloud-native file storage system. CubeFS prior to version 3.3.1 was found to leak users secret keys and access…