21 matches found
TencentOS Server 4: cockpit (TSSA-2025:0181)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0181 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
TencentOS Server 3: cockpit (TSSA-2024:0238)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0238 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
RLSA-2024:3667 Moderate: cockpit security update
Cockpit enables users to administer GNU/Linux servers using a web browser. It offers network configuration, log inspection, diagnostic reports, SELinux troubleshooting, interactive command-line sessions, and more. Security Fixes: cockpit: command injection when deleting a sosreport with a crafted...
cockpit security update
An update is available for cockpit. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Cockpit enables users to administer GNU/Linux servers using a web browser. It...
AlmaLinux 9 : cockpit (ALSA-2024:3843)
The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:3843 advisory. cockpit: command injection when deleting a sosreport with a crafted name CVE-2024-2947 Tenable has extracted the preceding description block directly from the...
Oracle Linux 9 : cockpit (ELSA-2024-3843)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-3843 advisory. 311.2-1.0.1 - Replaced upstream urls in documentation with oracle links Orabug: 36528753 - Drop subscription-manager-cockpit requirement for ol Orabug: 34681110...
Moderate: Red Hat Security Advisory: cockpit security update
An update for cockpit is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
ALSA-2024:3843 Moderate: cockpit security update
Cockpit enables users to administer GNU/Linux servers using a web browser. It offers network configuration, log inspection, diagnostic reports, SELinux troubleshooting, interactive command-line sessions, and more. Security Fixes: cockpit: command injection when deleting a sosreport with a crafted...
Moderate: Red Hat Security Advisory: cockpit security update
An update for cockpit is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
cockpit security update
310.4-1.0.1 - Update documentation links Orabug: 34706402 - Drop subscription-manager-cockpit requirement for ol Orabug: 34681110 - Remove duplicate reference to server in cockpit Orabug: 33862832 - Update documentation links Orabug: 32795691 - Make documentation links point to Oracle Linux...
AlmaLinux 8 : cockpit (ALSA-2024:3667)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:3667 advisory. cockpit: command injection when deleting a sosreport with a crafted name CVE-2024-2947 Tenable has extracted the preceding description block directly from the...
RHEL 8 : cockpit (RHSA-2024:3667)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3667 advisory. Cockpit enables users to administer GNU/Linux servers using a web browser. It offers network configuration, log inspection, diagnostic reports, SELin...
ALSA-2024:3667 Moderate: cockpit security update
Cockpit enables users to administer GNU/Linux servers using a web browser. It offers network configuration, log inspection, diagnostic reports, SELinux troubleshooting, interactive command-line sessions, and more. Security Fixes: cockpit: command injection when deleting a sosreport with a crafted...
Moderate: cockpit security update
Cockpit enables users to administer GNU/Linux servers using a web browser. It offers network configuration, log inspection, diagnostic reports, SELinux troubleshooting, interactive command-line sessions, and more. Security Fixes: cockpit: command injection when deleting a sosreport with a crafted...
Fedora 40 : cockpit (2024-4e95f130fc)
The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-4e95f130fc advisory. Automatic update for cockpit-314-1.fc40. Changelog for cockpit Thu Mar 28 2024 Packit - 314-1 - Diagnostic reports: Fix command injection...
Debian dsa-5655 : cockpit - security update
The remote Debian 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5655 advisory. - A flaw was found in Cockpit. Deleting a sosreport with a crafted name via the Cockpit web interface can lead to a command injection vulnerability, resulting in privilege...
Fedora 38 : cockpit (2024-31e83b461d)
The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-31e83b461d advisory. sosreport: Fix command injection with crafted report names CVE-2024-2947 Tenable has extracted the preceding description block directly from the Fedora...
Fedora 39 : cockpit (2024-6065341780)
The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-6065341780 advisory. Automatic update for cockpit-314-1.fc39. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that...
CVE-2024-2947
A flaw was found in Cockpit. Deleting a sosreport with a crafted name via the Cockpit web interface can lead to a command injection vulnerability, resulting in privilege escalation. This issue affects Cockpit versions 270 and newer...
CVE-2024-2947
A flaw was found in Cockpit. Deleting a sosreport with a crafted name via the Cockpit web interface can lead to a command injection vulnerability, resulting in privilege escalation. This issue affects Cockpit versions 270 and newer...