The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.
It was found that usage of snprintf function in feature/locks translator of glusterfs server 3.8.4, as shipped with Red Hat Gluster Storage, was vulnerable to a format string attack. A remote, authenticated attacker could use this flaw to cause remote denial of service.
Base Score: 4
Impact Score: 2.9
Exploitability Score: 8
Base Score: 6.5
Impact Score: 3.6
Exploitability Score: 2.8
|123580||GLSA-201904-06 : GlusterFS: Multiple Vulnerabilities||Nessus||Gentoo Local Security Checks|
|120711||Fedora 28 : glusterfs (2018-af9bd28cf1)||Nessus||Fedora Local Security Checks|
|120641||Fedora 29 : glusterfs (2018-986f0b7fb0)||Nessus||Fedora Local Security Checks|
|118790||RHEL 7 : Virtualization Manager (RHSA-2018:3470)||Nessus||Red Hat Local Security Checks|
|118733||Debian DLA-1565-1 : glusterfs security update||Nessus||Debian Local Security Checks|
|118583||RHEL 7 : glusterfs (RHSA-2018:3432)||Nessus||Red Hat Local Security Checks|
|118582||RHEL 6 : glusterfs (RHSA-2018:3431)||Nessus||Red Hat Local Security Checks|