RSS   Podatności dla 'Cockpit'   RSS

2018-05-25
 
CVE-2018-11471

CWE-79
 
 
Cockpit 0.5.5 has XSS via a collection, form, or region.

 
2018-04-10
 
CVE-2017-14611

CWE-918
 
 
SSRF (Server Side Request Forgery) in Cockpit 0.13.0 allows remote attackers to read arbitrary files or send TCP traffic to intranet hosts via the url parameter, related to use of the discontinued aheinze/fetch_url_contents component.

 

Copyright 2024, cxsecurity.com

 

Back to Top