Vulnerabilities > Cockpit Project > Cockpit > 0.85
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-10 | CVE-2021-3660 | Improper Restriction of Rendered UI Layers or Frames vulnerability in multiple products Cockpit (and its plugins) do not seem to protect itself against clickjacking. | 4.3 |
| 2022-03-10 | CVE-2021-3698 | Improper Certificate Validation vulnerability in multiple products A flaw was found in Cockpit in versions prior to 260 in the way it handles the certificate verification performed by the System Security Services Daemon (SSSD). | 5.0 |
| 2019-03-26 | CVE-2019-3804 | Missing Initialization of Resource vulnerability in multiple products It was found that cockpit before version 184 used glib's base64 decode functionality incorrectly resulting in a denial of service attack. | 7.5 |