2 matches found
CVE-2017-14611
SSRF Server Side Request Forgery in Cockpit 0.13.0 allows remote attackers to read arbitrary files or send TCP traffic to intranet hosts via the url parameter, related to use of the discontinued aheinze/fetchurlcontents component...
PT-2018-5687 · Red Hat · Cockpit
Name of the Vulnerable Software and Affected Versions: Cockpit version 0.13.0 Description: The issue allows remote attackers to read arbitrary files or send TCP traffic to intranet hosts. This is related to the use of the discontinued aheinze/fetch url contents component, specifically via the url...