Vulnerabilities > SOS Project > SOS > 3.3

DATE CVE VULNERABILITY TITLE RISK
2022-09-01 CVE-2022-2806 It was found that the ovirt-log-collector/sosreport collects the RHV admin password unfiltered.
local
low complexity
sos-project ovirt
5.5
2017-11-06 CVE-2015-7529 Link Following vulnerability in multiple products
sosreport in SoS 3.x allows local users to obtain sensitive information from sosreport files or gain privileges via a symlink attack on an archive file in a temporary directory, as demonstrated by sosreport-$hostname-$date.tar in /tmp/sosreport-$hostname-$date.
local
low complexity
sos-project canonical redhat CWE-59
7.8