Browse all 7 CVE security advisories affecting Open Mainframe Project. AI-powered Chinese analysis, POCs, and references for each vulnerability.
The Open Mainframe Project develops open-source solutions for mainframe systems, enabling organizations to modernize legacy infrastructure while maintaining critical operations. Historically, vulnerabilities have included remote code execution, cross-site scripting, and privilege escalation, often stemming from improper input validation and access control flaws. The project maintains a moderate security posture with seven recorded CVEs, though no major incidents have been documented. Its collaborative nature encourages rapid vulnerability disclosure and patching, with security updates typically released through community channels. The project's focus on transparency and industry standards helps mitigate risks associated with mainframe environments, which remain attractive targets due to their handling of sensitive data and critical infrastructure.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-9802 | Conformance validation endpoint discloses detail about service to unauthenticated users — Zowe | 5.3 | Medium | 2024-10-10 |
| CVE-2024-9798 | Health endpoint offers list of onboarded services to unauthenticated users — Zowe | 5.3 | Critical | 2024-10-10 |
| CVE-2024-6916 | Zowe CLI --show-inputs-only displays securely stored properties — Zowe CLI - Imperative | 5.9 | Medium | 2024-07-19 |
| CVE-2024-6834 | Imperative Local Command Injection allows Activity Masking — Zowe | 9.0 | Critical | 2024-07-17 |
| CVE-2024-6833 | Zowe CLI Auto-Init Leaks Credentials Locally — Zowe | 5.9 | Medium | 2024-07-17 |
| CVE-2021-4326 | Imperative Local Command Injection allows Activity Masking — Zowe | 3.3 | Low | 2023-02-22 |
| CVE-2021-4314 | API Mediation Layer 授权问题漏洞 — ZoweCWE-269 | 5.3 | - | 2023-01-18 |
This page lists every published CVE security advisory associated with Open Mainframe Project. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.