Vulnerabilities > Supervisord
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-09-10 | CVE-2019-12105 | Missing Authentication for Critical Function vulnerability in Supervisord Supervisor In Supervisor through 4.0.2, an unauthenticated user can read log files or restart a service. | 8.2 |
2017-08-23 | CVE-2017-11610 | Incorrect Default Permissions vulnerability in multiple products The XML-RPC server in supervisor before 3.0.1, 3.1.x before 3.1.4, 3.2.x before 3.2.4, and 3.3.x before 3.3.3 allows remote authenticated users to execute arbitrary commands via a crafted XML-RPC request, related to nested supervisord namespace lookups. | 8.8 |