This page lists publicly disclosed CVE vulnerabilities affecting clusterlabs fence-agents (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2014-0104 | In fence-agents before 4.0.17 does not verify remote SSL certificates in the fence_cisco_ucs.py script which can potentially allow for man-in-the-middle attackers to spoof SSL servers via arbitrary SSL certificates. | [email protected] | 5.9 | 0.83% | 2020-01-02 | 2026-06-16 |
| CVE-2019-10153 | A flaw was discovered in fence-agents, prior to version 4.3.4, where using non-ASCII characters in a guest VM's comment or other fields would cause fence_rhevm to exit with an exception. In cluster environments, this could lead to preventing automated recovery or otherwise denying service to clusters of which that VM is a member. | [email protected] | 5.0 | 2.17% | 2019-07-30 | 2026-06-16 |