cockpit-hq/cockpit Security Advisories for 2.1.2 (17)
-
[CRITICAL] Cockpit CMS contains an arbitrary file upload vulenrability
PKSA-1g11-thhn-qmqq CVE-2024-4825 GHSA-vpj8-xfqc-jcv9
Affected version: <2.7.0
Reported by:
GitHub -
[MEDIUM] Cockpit CMS arbitrary file upload vulnerability
PKSA-dkf9-ctj9-6715 CVE-2023-41564 GHSA-38vf-35cg-m73w
Affected version: <=2.6.3
Reported by:
GitHub -
[MEDIUM] Cockpit Cross-site Scripting vulnerability
PKSA-t4f4-3p1b-pwvn CVE-2023-4451 GHSA-g3mv-64h3-h482
Affected version: <=2.6.3
Reported by:
GitHub -
[HIGH] Cockpit Cross-site Scripting vulnerability
PKSA-j62f-f87n-nv4p CVE-2023-4433 GHSA-ff45-2jp9-69jc
Affected version: <=2.6.3
Reported by:
GitHub -
[HIGH] Cockpit Cross-site Scripting vulnerability
PKSA-xrwz-4p22-v3sh CVE-2023-4432 GHSA-rmgx-3w4r-xcfp
Affected version: <=2.6.3
Reported by:
GitHub -
[MEDIUM] Cockpit Cross-site Scripting vulnerability
PKSA-vwbc-y3t3-84k8 CVE-2023-4422 GHSA-8m65-qq6g-43rr
Affected version: <2.6.3
Reported by:
GitHub -
[HIGH] Cockpit Cross-site Scripting vulnerability
PKSA-55bx-95g3-bdpb CVE-2023-4395 GHSA-5cv4-48h7-7782
Affected version: <=2.6.3
Reported by:
GitHub -
[HIGH] Cockpit Cross-site Scripting vulnerability
PKSA-znb8-w45f-64b5 CVE-2023-4321 GHSA-3vf5-xm2p-6mh5
Affected version: <=2.6.2
Reported by:
GitHub -
[HIGH] Cockpit Cross-site Scripting vulnerability
PKSA-ys3f-9xrr-xrsz CVE-2023-4196 GHSA-w3qm-93vf-5hrw
Affected version: <2.6.3
Reported by:
GitHub -
[CRITICAL] Cockpit PHP Remote File Inclusion vulnerability
PKSA-ywbw-pgpj-12g6 CVE-2023-4195 GHSA-xcq3-7pf3-5jvc
Affected version: <2.6.3
Reported by:
GitHub -
[HIGH] Cockpit CMS Cross-Site Request Forgery vulnerability
PKSA-6cf3-m793-4f7h CVE-2023-37650 GHSA-45g2-r339-pjwf
Affected version: <2.6.0
Reported by:
GitHub -
[HIGH] Cockpit CMS vulnerable to incorrect access control
PKSA-61gq-gryd-k7qp CVE-2023-37649 GHSA-9r25-4j77-9wc7
Affected version: <2.6.0
Reported by:
GitHub -
[HIGH] cockpit-hq/cockpit is vulnerable to unrestricted file uploads
PKSA-dyd6-q5kw-cnzs CVE-2023-1313 GHSA-6x8f-x6qw-qwx3
Affected version: <2.4.1
Reported by:
GitHub -
[MEDIUM] Cockpit Uses Platform-Dependent Third Party Components
PKSA-xv8s-t5k3-3fys CVE-2023-1160 GHSA-p8cq-pv6w-6rwx
Affected version: <=2.3.9
Reported by:
GitHub -
[MEDIUM] Improper Restriction of Rendered UI Layers or Frames in cockpit-hq/cockpit
PKSA-ch6m-qfpx-wtvr CVE-2023-0780 GHSA-gm7m-rqf8-jx4m
Affected version: <2.3.9
Reported by:
GitHub -
[HIGH] privilege chaining in cockpit-hq/cockpit
PKSA-99sv-2wdf-h212 CVE-2023-0759 GHSA-86rf-38v8-9c4x
Affected version: <2.3.8
Reported by:
GitHub -
[HIGH] Cockpit Content Platform vulnerable to 2FA bypass
PKSA-1bzm-v7vr-v5fm CVE-2022-2818 GHSA-8wj3-cpmr-8whp
Affected version: <=2.2.1
Reported by:
GitHub