Browse all 5 CVE security advisories affecting The Gluster Project. AI-powered Chinese analysis, POCs, and references for each vulnerability.
The Gluster Project is an open-source distributed file system designed for scalable network storage, commonly used in cloud environments and data-intensive applications. Historically, it has been vulnerable to remote code execution, privilege escalation, and denial-of-service flaws, often stemming from improper input validation and access control issues. The project has faced notable security concerns, including a critical RCE vulnerability (CVE-2018-14646) that allowed attackers to execute arbitrary code via crafted requests, and several privilege escalation weaknesses in its management interfaces. Despite these issues, Gluster remains relevant for organizations requiring cost-effective, scalable storage solutions, though deployments should implement strict access controls and regular patching to mitigate known risks.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2018-14661 | GlusterFS 输入验证错误漏洞 — glusterfs-serverCWE-20 | 6.5 | - | 2018-10-31 |
| CVE-2018-14652 | Red Hat Gluster 缓冲区错误漏洞 — glusterfsCWE-120 | 6.5 | - | 2018-10-31 |
| CVE-2018-14653 | Red Hat Gluster 缓冲区错误漏洞 — glusterfsCWE-122 | 8.8 | - | 2018-10-31 |
| CVE-2018-14654 | Red Hat Gluster 路径遍历漏洞 — glusterfsCWE-22 | 6.5 | - | 2018-10-31 |
| CVE-2018-14659 | Red Hat Gluster 资源管理错误漏洞 — glusterfsCWE-400 | 6.5 | - | 2018-10-31 |
This page lists every published CVE security advisory associated with The Gluster Project. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.