Vulnerabilities > Theforeman
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-03 | CVE-2023-4886 | A sensitive information exposure vulnerability was found in foreman. | 4.4 |
| 2023-09-22 | CVE-2022-3874 | OS Command Injection vulnerability in multiple products A command injection flaw was found in foreman. | 9.1 |
| 2023-09-20 | CVE-2023-0118 | OS Command Injection vulnerability in multiple products An arbitrary code execution flaw was found in Foreman. | 9.1 |
| 2023-09-20 | CVE-2023-0462 | Code Injection vulnerability in multiple products An arbitrary code execution flaw was found in Foreman. | 9.1 |
| 2022-08-16 | CVE-2020-10710 | Insufficiently Protected Credentials vulnerability in Theforeman Foreman A flaw was found where the Plaintext Candlepin password is disclosed while updating Red Hat Satellite through the satellite-installer. | 4.4 |
| 2022-03-30 | CVE-2021-3456 | Incorrect Authorization vulnerability in Theforeman Smart Proxy Salt An improper authorization handling flaw was found in Foreman. | 3.6 |
| 2022-03-25 | CVE-2021-20290 | Incorrect Authorization vulnerability in Theforeman Openscap An improper authorization handling flaw was found in Foreman. | 3.6 |
| 2022-03-23 | CVE-2021-3589 | Missing Authentication for Critical Function vulnerability in multiple products An authorization flaw was found in Foreman Ansible. | 8.0 |
| 2021-12-23 | CVE-2021-3584 | OS Command Injection vulnerability in multiple products A server side remote code execution vulnerability was found in Foreman project. | 9.0 |
| 2021-06-07 | CVE-2021-20259 | Information Exposure vulnerability in Theforeman Foremanfogproxmox A flaw was found in the Foreman project. | 4.6 |