Browse all 3 CVE security advisories affecting The OpenAFS Foundation. AI-powered Chinese analysis, POCs, and references for each vulnerability.
The OpenAFS Foundation develops and maintains OpenAFS, a distributed file system designed for scalable, secure file sharing across large networks. Historically, vulnerabilities have included remote code execution, privilege escalation, and denial-of-service flaws, often stemming from buffer overflows and improper input validation. The project maintains a moderate security posture with three CVEs recorded, reflecting its mature codebase but occasional lapses in memory safety. While no major incidents have been widely documented, the system's complexity in distributed environments requires careful configuration to prevent unauthorized access and ensure data integrity.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-10397 | Preallocated buffer overflows in XDR responses — OpenAFSCWE-787 | 9.8AI | CriticalAI | 2024-11-14 |
| CVE-2024-10396 | Fileserver crash and possible information leak on StoreACL/FetchACL — OpenAFSCWE-772 | 6.5 | Medium | 2024-11-14 |
| CVE-2024-10394 | Theft of credentials in Unix client PAGs — OpenAFSCWE-305 | 7.8AI | HighAI | 2024-11-14 |
This page lists every published CVE security advisory associated with The OpenAFS Foundation. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.