Tcmu-runner Project Tcmu-runner — known CVE vulnerabilities
Every CVE whose affected-product data names Tcmu-runner Project Tcmu-runner, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2021-3139 — CVSS 8.1 (high): In Open-iSCSI tcmu-runner 1.3.x, 1.4.x, and 1.5.x through 1.5.2, xcopy_locate_udev in tcmur_cmd_handler.c lacks a check for transport-layer…
CVE-2017-1000198 — CVSS 7.5 (high): tcmu-runner daemon version 0.9.0 to 1.2.0 is vulnerable to invalid memory references in the handler_glfs.so handler resulting in denial of…
CVE-2017-1000199 — CVSS 7.5 (high): tcmu-runner version 0.91 up to 1.20 is vulnerable to information disclosure in handler_qcow.so resulting in non-privileged users being able…
CVE-2017-1000200 — CVSS 7.5 (high): tcmu-runner version 1.0.5 to 1.2.0 is vulnerable to a dbus triggered NULL pointer dereference in the tcmu-runner daemon's…
CVE-2017-1000201 — CVSS 5.5 (medium): The tcmu-runner daemon in tcmu-runner version 1.0.5 to 1.2.0 is vulnerable to a local denial of service attack