Vulnerabilities > Theforeman > Foreman > 1.24.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-03 | CVE-2023-4886 | A sensitive information exposure vulnerability was found in foreman. | 4.4 |
| 2023-09-20 | CVE-2023-0462 | Code Injection vulnerability in multiple products An arbitrary code execution flaw was found in Foreman. | 9.1 |
| 2022-08-22 | CVE-2021-3590 | Cleartext Transmission of Sensitive Information vulnerability in multiple products A flaw was found in Foreman project. | 8.8 |
| 2021-12-23 | CVE-2021-3584 | A server side remote code execution vulnerability was found in Foreman project. | 7.2 |
| 2021-06-03 | CVE-2021-3469 | Incorrect Authorization vulnerability in Theforeman Foreman Foreman versions before 2.3.4 and before 2.4.0 is affected by an improper authorization handling flaw. | 5.4 |
| 2021-04-26 | CVE-2021-3494 | Unspecified vulnerability in Theforeman Foreman A smart proxy that provides a restful API to various sub-systems of the Foreman is affected by the flaw which can cause a Man-in-the-Middle attack. | 5.9 |