Improper Neutralization of Special Elements used in a Command ('Command Injection')

🗓️ 20 Feb 2022 00:00:00Reported by https://gitlab.com/gitlab-org/security-products/gemnasium-dbType

Improper Neutralization of Special Elements in Cobbler 3.3.

Reporter	Title	Published	Views	Family All 27
CNVD	Cobbler Command Injection Vulnerability (CNVD-2022-18324)	22 Feb 202200:00	–	cnvd
Prion	Design/Logic Flaw	19 Feb 202200:15	–	prion
CVE	CVE-2021-45082	19 Feb 202200:15	–	cve
OSV	Command Injection in Cobbler	20 Feb 202200:00	–	osv
OSV	PYSEC-2022-37	19 Feb 202200:15	–	osv
OSV	OPENSUSE-SU-2024:11853-1 cobbler-3.3.1.0+git.f5b0599a-1.1 on GA media	15 Jun 202400:00	–	osv
OSV	CVE-2021-45082	19 Feb 202200:15	–	osv
OSV	cobbler vulnerabilities	13 Nov 202315:04	–	osv
RedhatCVE	CVE-2021-45082	21 Feb 202207:30	–	redhatcve
Github Security Blog	Command Injection in Cobbler	20 Feb 202200:00	–	github

Vulners

Node

pypi cobblerRange<3.3.1

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2021-45082
bugzilla	www.bugzilla.suse.com/show_bug.cgi
github	www.github.com/cobbler/cobbler/releases
github	www.github.com/cobbler/cobbler/pull/2945
github	www.github.com/cobbler/cobbler/releases/tag/v3.3.1
github	www.github.com/advisories/GHSA-6cm4-gm85-972c

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

20 Feb 2022 00:00Current

4Medium risk

Vulners AI Score4

CVSS24.6

CVSS37.8

EPSS0.0009