Vulnerability & Exploit Database

Displaying all 3 entries

Results for: CVE-2018-10928 Back to search

Red Hat: CVE-2018-10928: Important: Red Hat Gluster Storage security, bug fix, and enhancement update ((Multiple Advisories)) Vulnerability

  • Severity: 7
  • Published: September 04, 2018

Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.

From RHSA-2018:2608:

GlusterFS is a key building block of Red Hat Gluster Storage. It is based on a stackable user-space design and can deliver exceptional per...

Debian: CVE-2018-10928: glusterfs -- security update Vulnerability

  • Severity: 7
  • Published: September 04, 2018

A flaw was found in RPC request using gfs3_symlink_req in glusterfs server which allows symlink destinations to point to file paths outside of the gluster volume. An authenticated attacker could use this flaw to create arbitrary symlinks pointing anywhere on the server and execute arbitrary code on glusterfs server nodes.

SUSE: CVE-2017-10928: SUSE Linux Security Advisory Vulnerability

  • Severity: 7
  • Published: July 05, 2017

In ImageMagick 7.0.6-0, a heap-based buffer over-read in the GetNextToken function in token.c allows remote attackers to obtain sensitive information from process memory or possibly have unspecified other impact via a crafted SVG document that is mishandled in the GetUserSpaceCoordinateValue function in coders/svg.c.