Vulnerabilidades em YugabyteDB
11 resultadosCVE-2023-0575HIGHRemote Code ExecutionEPSS 0.8%CVE-2023-0574MEDIUMServer-Side Request ForgeryEPSS 0.6%CVE-2023-6001MEDIUMPrometheus Metrics Accessible Pre-AuthenticationEPSS 0.6%CVE-2023-0745MEDIUMArbitrary File Write in High Availability Backup UploadEPSS 0.5%CVE-2023-6002MEDIUMLog InjectionEPSS 0.4%CVE-2023-4640MEDIUMSet Logging Level Without AuthenticationEPSS 0.3%CVE-2024-11193MEDIUMAn information disclosure vulnerability exists in Yugabyte Anywhere, where the LDAP bind password is logged in plaintext within application EPSS 0.3%CVE-2024-0006MEDIUMDB User Password Leak in Application LogEPSS 0.3%CVE-2024-6908MEDIUMAdmin Can Escalate Privileges to SuperAdmin Using Manual PUT RequestEPSS 0.3%CVE-2024-6895MEDIUMInsecure Account Profile ManagementEPSS 0.2%CVE-2024-11165MEDIUMAn information disclosure vulnerability exists in the backup configuration process where the SAS token is not masked in the configuration reEPSS 0.1%