Identifier | Related Record | Severity | Date Published | Description | Versions Affected |
---|---|---|---|---|---|
CVE-2022-0860 | | Critical | Mar 11, 2022 | Improper Authorization in GitHub repository cobbler/cobbler prior to 3.3.2. | 3.2.3, 3.3.1, v3.0.1, 2.8.5, 2.8.0, v2.6.8, v2.6.4, v2.4.7, v2.6.2, v2.4.5 |
CVE-2021-45083 | | High | Feb 20, 2022 | An issue was discovered in Cobbler before 3.3.1. Files in /etc/cobbler are world readable. Two of those files contain some sensitive information that c... | 3.2.3, v3.0.1, 2.8.5, 2.8.0, v2.6.8, v2.6.4, v2.4.7, v2.6.2, v2.4.5, v2.6.0 |
CVE-2021-45082 | | High | Feb 19, 2022 | An issue was discovered in Cobbler before 3.3.1. In the templar.py file, the function check_for_invalid_imports can allow Cheetah code to import Python... | 3.2.3, v3.0.1, 2.8.5, 2.8.0, v2.6.8, v2.6.4, v2.4.7, v2.6.2, v2.4.5, v2.6.0 |
CVE-2021-45081 | | Medium | Feb 20, 2022 | An issue was discovered in Cobbler through 3.3.1. Routines in several files use the HTTP protocol instead of the more secure HTTPS. | 3.2.3, 3.3.1, v3.0.1, 2.8.5, 2.8.0, v2.6.8, v2.6.4, v2.4.7, v2.6.2, v2.4.5 |
CVE-2021-40325 | | High | Oct 04, 2021 | Cobbler before 3.3.0 allows authorization bypass for modification of settings. | 3.2.3, v3.0.1, 2.8.5, 2.8.0, v2.6.8, v2.6.4, v2.4.7, v2.6.2, v2.4.5, v2.6.0 |
CVE-2021-40324 | | High | Oct 04, 2021 | Cobbler before 3.3.0 allows arbitrary file write operations via upload_log_data. | 3.2.3, v3.0.1, 2.8.5, 2.8.0, v2.6.8, v2.6.4, v2.4.7, v2.6.2, v2.4.5, v2.6.0 |
CVE-2021-40323 | | Critical | Oct 04, 2021 | Cobbler before 3.3.0 allows log poisoning, and resultant Remote Code Execution, via an XMLRPC method that logs to the logfile for template injection. | 3.2.3, v3.0.1, 2.8.5, 2.8.0, v2.6.8, v2.6.4, v2.4.7, v2.6.2, v2.4.5, v2.6.0 |