Agentejo: >> Cockpit >> 0.13.0 Security Vulnerabilities
Unrestricted Upload of File with Dangerous Type in GitHub repository cockpit-hq/cockpit prior to 2.4.1.
CVSS Score
7.2
EPSS Score
0.001
Published
2023-03-10
Use of Platform-Dependent Third Party Components in GitHub repository cockpit-hq/cockpit prior to 2.4.0.
CVSS Score
4.0
EPSS Score
0.001
Published
2023-03-03
Improper Restriction of Rendered UI Layers or Frames in GitHub repository cockpit-hq/cockpit prior to 2.3.9-dev.
CVSS Score
4.0
EPSS Score
0.002
Published
2023-02-11
Privilege Chaining in GitHub repository cockpit-hq/cockpit prior to 2.3.8.
CVSS Score
5.3
EPSS Score
0.0
Published
2023-02-09
Improper Removal of Sensitive Information Before Storage or Transfer in GitHub repository cockpit-hq/cockpit prior to 2.2.2.
CVSS Score
9.8
EPSS Score
0.007
Published
2022-08-15
Insufficient Session Expiration in GitHub repository cockpit-hq/cockpit prior to 2.2.0.
CVSS Score
8.6
EPSS Score
0.003
Published
2022-08-08
SSRF (Server Side Request Forgery) in Cockpit 0.13.0 allows remote attackers to read arbitrary files or send TCP traffic to intranet hosts via the url parameter, related to use of the discontinued aheinze/fetch_url_contents component.
CVSS Score
9.1
EPSS Score
0.004
Published
2018-04-10
Page 2