3 matches found
cockpit: Cockpit: Arbitrary command execution via crafted links in system logs UI
A flaw was found in Cockpit. This vulnerability allows a remote attacker to achieve arbitrary command execution on the host by exploiting unsanitized user-controlled parameters within crafted links in the system logs user interface UI. An attacker can inject shell metacharacters and command...
EUVD-2021-26983
Malware in sbrugna...
cockpit: Authenticated user can kill any process when enabling pam_env's user_readenv option
A flaw was found in the cockpit package. This flaw allows an authenticated user to kill any process when enabling the pamenv's userreadenv option, which leads to a denial of service DoS attack...