rbd-nbd vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the rbd-nbd package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free

Vulnerability	Vulnerable Version
H Cross-site Scripting (XSS)	*
H Cross-site Scripting (XSS)	*
M Information Exposure	*
H Cross-site Scripting (XSS)	*
M Information Exposure	*
H Cross-site Scripting (XSS)	*
M Information Exposure	*
M Information Exposure	*
M Reachable Assertion	*
M Reachable Assertion	*
M Reachable Assertion	*
H Improper Input Validation	*
H Improper Input Validation	*
H Improper Input Validation	*
H Improper Input Validation	<2:19.2.1-292.el9cp
M Creation of Immutable Text Using String Concatenation	*
M Improper Validation of Syntactic Correctness of Input	*
M Improper Validation of Syntactic Correctness of Input	*
M Creation of Immutable Text Using String Concatenation	*
M Improper Validation of Syntactic Correctness of Input	*
M Creation of Immutable Text Using String Concatenation	*
M Allocation of Resources Without Limits or Throttling	*
M Allocation of Resources Without Limits or Throttling	*
M Allocation of Resources Without Limits or Throttling	*
M Allocation of Resources Without Limits or Throttling	*
M Allocation of Resources Without Limits or Throttling	*
M Allocation of Resources Without Limits or Throttling	*
M Improper Output Neutralization for Logs	*
M Improper Output Neutralization for Logs	*
M Improper Output Neutralization for Logs	*
M Expected Behavior Violation	*
M Expected Behavior Violation	*
M Expected Behavior Violation	*
M Cross-site Scripting (XSS)	*
M Cross-site Scripting (XSS)	*
H Directory Traversal	*
H Directory Traversal	*
H Improper Neutralization of Special Elements Used in a Template Engine	*
H Cross-site Scripting (XSS)	<2:19.2.1-292.el9cp
H Exposure of Resource to Wrong Sphere	*
H Improper Neutralization of Special Elements Used in a Template Engine	*
M Cross-site Scripting (XSS)	*
H Exposure of Resource to Wrong Sphere	*
M Time-of-check Time-of-use (TOCTOU)	*
M Time-of-check Time-of-use (TOCTOU)	*
M Time-of-check Time-of-use (TOCTOU)	*
M Least Privilege Violation	*
M Least Privilege Violation	*
H Open Redirect	<2:19.2.1-222.el9cp
H Integer Overflow or Wraparound	<2:19.2.1-222.el9cp
H Algorithmic Complexity	<2:19.2.1-222.el9cp
H Allocation of Resources Without Limits or Throttling	<2:19.2.1-222.el9cp
H Improper Input Validation	<2:19.2.1-222.el9cp
H Insufficient Verification of Data Authenticity	<2:19.2.1-222.el9cp
M Least Privilege Violation	*
M Least Privilege Violation	*
M CVE-2025-4673	*
M CVE-2025-4673	*
M CVE-2025-4673	*
H Improper Input Validation	<2:19.2.1-222.el9cp
M Information Exposure	*
M Information Exposure	*
M Information Exposure	*
M Cross-site Scripting (XSS)	*
M Cross-site Scripting (XSS)	*
M Cross-site Scripting (XSS)	*
M Cross-site Scripting (XSS)	*
H Directory Traversal	<2:18.2.1-329.el9cp
H Open Redirect	<2:18.2.1-329.el9cp
H Cross-site Request Forgery (CSRF)	<2:18.2.1-329.el9cp
H Misinterpretation of Input	<2:18.2.1-329.el9cp
H Truncation of Security-relevant Information	<2:18.2.1-329.el9cp
H Insufficient Verification of Data Authenticity	<2:18.2.1-329.el9cp
H Allocation of Resources Without Limits or Throttling	<2:18.2.1-329.el9cp
H Improper Input Validation	<2:18.2.1-329.el9cp
H Directory Traversal	<2:17.2.6-277.el9cp
M HTTP Request Smuggling	*
M HTTP Request Smuggling	*
M HTTP Request Smuggling	*
H Directory Traversal	<2:19.2.1-222.el9cp
M Improper Input Validation	*
M Improper Input Validation	*
H Insufficient Verification of Data Authenticity	<2:19.2.0-55.el9cp
H Insufficient Verification of Data Authenticity	*
H Insufficient Verification of Data Authenticity	<2:17.2.6-277.el9cp
H Insufficient Verification of Data Authenticity	<2:18.2.1-329.el9cp
M Cross-site Scripting (XSS)	*
M Cross-site Scripting (XSS)	*
M Cross-site Scripting (XSS)	*
M Directory Traversal	<2:16.2.10-266.el9cp
M Allocation of Resources Without Limits or Throttling	<2:16.2.10-266.el9cp
M NULL Pointer Dereference	*
C Directory Traversal	<2:18.2.1-194.el9cp
C Resource Exhaustion	<2:18.2.1-194.el9cp
C CVE-2023-4822	<2:18.2.1-194.el9cp
C Authentication Bypass by Primary Weakness	<2:18.2.1-194.el9cp
C Directory Traversal	<2:17.2.6-216.el9cp
M Improper Input Validation	<2:16.2.10-248.el9cp
M Insufficient Granularity of Access Control	<2:16.2.10-248.el9cp
M Improper Input Validation	<2:17.2.6-148.el9cp
M Missing Synchronization	<2:17.2.6-167.el9cp
M Improper Access Control	<2:17.2.6-167.el9cp
M Resource Exhaustion	<2:16.2.10-266.el9cp
M Insufficient Granularity of Access Control	<2:17.2.6-148.el9cp
M Inefficient Regular Expression Complexity	*
M Improper Handling of URL Encoding (Hex Encoding)	*
H Placement of User into Incorrect Group	<2:16.2.10-138.el9cp
M Incorrect Authorization	<2:16.2.8-84.el9cp
M Resource Exhaustion	*
M Resource Exhaustion	<2:17.2.6-70.el9cp
L Cross-site Scripting (XSS)	*
M Cross-site Scripting (XSS)	<2:17.2.6-70.el9cp
M Overly Restrictive Regular Expression	*
M Overly Restrictive Regular Expression	*
M Directory Traversal	<2:16.2.10-94.el9cp
M Out-of-bounds Read	*
M Cross-site Scripting (XSS)	*
M Cross-site Scripting (XSS)	<2:17.2.6-148.el9cp
M Resource Exhaustion	*
M Cross-site Scripting (XSS)	*
M Cross-site Scripting (XSS)	<2:17.2.6-148.el9cp
M Cross-site Scripting (XSS)	<2:17.2.6-148.el9cp
M Cross-site Scripting (XSS)	*

Vulnerability

Vulnerable Version

Cross-site Scripting (XSS)