Skip to main content

Noobaa Operator

2 CVEs product

Monthly

CVE-2021-3529 HIGH This Week

A flaw was found in noobaa-core in versions before 5.7.0. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Noobaa Operator Openshift Container Platform
NVD
CVSS 3.1
7.1
EPSS
0.7%
CVE-2021-3528 HIGH PATCH This Week

A flaw was found in noobaa-operator in versions before 5.7.0, where internal RPC AuthTokens between the noobaa operator and the noobaa core are leaked into log files. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Insufficiently Protected Credentials vulnerability could allow attackers to obtain user credentials due to weak protection mechanisms.

Information Disclosure Noobaa Operator
NVD
CVSS 3.1
8.8
EPSS
0.9%
EPSS 1% CVSS 7.1
HIGH This Week

A flaw was found in noobaa-core in versions before 5.7.0. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Noobaa Operator Openshift Container Platform
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

A flaw was found in noobaa-operator in versions before 5.7.0, where internal RPC AuthTokens between the noobaa operator and the noobaa core are leaked into log files. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Insufficiently Protected Credentials vulnerability could allow attackers to obtain user credentials due to weak protection mechanisms.

Information Disclosure Noobaa Operator
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy