Vulnerabilities > Cockpit Project

DATE	CVE	VULNERABILITY TITLE	RISK
2022-03-10	CVE-2021-3660	Improper Restriction of Rendered UI Layers or Frames vulnerability in multiple products Cockpit (and its plugins) do not seem to protect itself against clickjacking. network low complexity cockpit-project redhat CWE-1021	4.3
2022-03-10	CVE-2021-3698	Improper Certificate Validation vulnerability in multiple products A flaw was found in Cockpit in versions prior to 260 in the way it handles the certificate verification performed by the System Security Services Daemon (SSSD). network low complexity cockpit-project redhat CWE-295	5.0
2020-12-30	CVE-2020-35850	Server-Side Request Forgery (SSRF) vulnerability in Cockpit-Project Cockpit 234 An SSRF issue was discovered in cockpit-project.org Cockpit 234. network low complexity cockpit-project CWE-918	6.5
2019-03-26	CVE-2019-3804	Missing Initialization of Resource vulnerability in multiple products It was found that cockpit before version 184 used glib's base64 decode functionality incorrectly resulting in a denial of service attack. network low complexity cockpit-project fedoraproject redhat CWE-909	7.5

Vulnerabilities > Cockpit Project {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Cockpit Project"}]}