Vulnerabilities > Theforeman > Foreman > 2.1.2

DATE CVE VULNERABILITY TITLE RISK
2023-10-03 CVE-2023-4886 A sensitive information exposure vulnerability was found in foreman.
local
low complexity
theforeman redhat
4.4
2023-09-20 CVE-2023-0462 Code Injection vulnerability in multiple products
An arbitrary code execution flaw was found in Foreman.
network
low complexity
theforeman redhat CWE-94
critical
9.1
2022-08-22 CVE-2021-3590 Cleartext Transmission of Sensitive Information vulnerability in multiple products
A flaw was found in Foreman project.
network
low complexity
theforeman redhat CWE-319
8.8
2021-12-23 CVE-2021-3584 A server side remote code execution vulnerability was found in Foreman project.
network
low complexity
theforeman redhat
7.2
2021-06-03 CVE-2021-3469 Incorrect Authorization vulnerability in Theforeman Foreman
Foreman versions before 2.3.4 and before 2.4.0 is affected by an improper authorization handling flaw.
network
low complexity
theforeman CWE-863
5.4
2021-04-26 CVE-2021-3494 Unspecified vulnerability in Theforeman Foreman
A smart proxy that provides a restful API to various sub-systems of the Foreman is affected by the flaw which can cause a Man-in-the-Middle attack.
network
high complexity
theforeman
5.9