Lucene search
SuseOPENSUSE-SU-2018:2590-1HistorySep 03, 2018 - 3:07 p.m.
Security update for cobbler (important)
2018-09-0315:07:54
lists.opensuse.org
58
0.013 Low
EPSS
Percentile
86.0%
This update for cobbler fixes the following issues:
Security issues fixed:
- Forbid exposure of private methods in the API (CVE-2018-10931,
CVE-2018-1000225, bsc#1104287, bsc#1104189, bsc#1105442) - Check access token when calling ‘modify_setting’ API endpoint
(bsc#1104190, bsc#1105440, CVE-2018-1000226)
Other bugs fixed:
- Do not try to hardlink to a symlink. The result will be a dangling
symlink in the general case. (bsc#1097733) - fix kernel options when generating bootiso (bsc#1101670)
This update was imported from the SUSE:SLE-12:Update update project.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| openSUSE Leap | 42.3 | noarch | cobbler-web | < 2.6.6-17.1 | cobbler-web-2.6.6-17.1.noarch.rpm |
| openSUSE Leap | 42.3 | noarch | koan | < 2.6.6-17.1 | koan-2.6.6-17.1.noarch.rpm |
| openSUSE Leap | 42.3 | noarch | cobbler-tests | < 2.6.6-17.1 | cobbler-tests-2.6.6-17.1.noarch.rpm |
| openSUSE Leap | 42.3 | noarch | cobbler | < 2.6.6-17.1 | cobbler-2.6.6-17.1.noarch.rpm |
Related
openvas
openvas
openSUSE: Security Advisory for cobbler (openSUSE-SU-2018:2590-1)
2018-09-04 00:00:00
Cobbler <= 2.6.11 Multiple Vulnerabilities
2018-08-21 00:00:00
Fedora Update for cobbler FEDORA-2019-cd24f60a94
2019-09-13 00:00:00
nessus
nessus
openSUSE Security Update : cobbler (openSUSE-2018-952)
2018-09-04 00:00:00
RHEL 8 : cobbler (Unpatched Vulnerability)
2024-06-03 00:00:00
RHEL 8 : cobbler (Unpatched Vulnerability)
2024-05-11 00:00:00
fedora
fedora
[SECURITY] Fedora 29 Update: cobbler-2.8.4-5.fc29
2018-12-05 02:36:46
[SECURITY] Fedora 29 Update: cobbler-2.8.5-0.1.fc29
2019-09-11 21:18:50
[SECURITY] Fedora 28 Update: cobbler-2.8.4-5.fc28
2018-12-05 01:58:03
prion
prion
Design/Logic Flaw
2018-08-20 20:29:00
Cross site scripting
2018-08-20 20:29:00
Design/Logic Flaw
2018-08-09 20:29:00
nuclei
nuclei
Cobbler - Authentication Bypass
2022-02-14 17:20:32
cve
cve
CVE-2018-1000226
2018-08-20 20:29:01
CVE-2018-1000225
2018-08-20 20:29:01
CVE-2018-10931
2018-08-09 20:29:00
osv
osv
Cobbler Improper Validation of Security Tokens
2022-05-13 01:48:35
Cobbler XSS Vulnerability
2022-05-14 02:19:50
Cobbler has Exposed Dangerous Method or Function
2022-05-13 01:54:14
nvd
nvd
CVE-2018-1000226
2018-08-20 20:29:01
CVE-2018-1000225
2018-08-20 20:29:01
CVE-2018-10931
2018-08-09 20:29:00
ubuntucve
ubuntucve
CVE-2018-1000226
2018-08-20 00:00:00
CVE-2018-1000225
2018-08-20 00:00:00
CVE-2018-10931
2018-08-09 00:00:00
github
github
Cobbler Improper Validation of Security Tokens
2022-05-13 01:48:35
Cobbler XSS Vulnerability
2022-05-14 02:19:50
Cobbler has Exposed Dangerous Method or Function
2022-05-13 01:54:14
gitlab
gitlab
Incorrect Permission Assignment for Critical Resource
2022-05-13 00:00:00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
2022-05-14 00:00:00
Exposed Dangerous Method or Function
2022-05-13 00:00:00
cvelist
cvelist
CVE-2018-1000226
2018-08-20 20:00:00
CVE-2018-1000225
2018-08-20 20:00:00
CVE-2018-10931
2018-08-09 20:00:00
suse
suse
Security update for cobbler (moderate)
2021-01-14 00:00:00
Security update for cobbler (moderate)
2021-01-11 00:00:00
redhatcve
redhatcve
CVE-2018-1000225
2018-08-22 07:49:16
CVE-2018-1000226
2018-08-22 07:49:00
CVE-2018-10931
2018-08-09 15:18:52
veracode
veracode
Arbitrary File Upload
2019-01-15 09:24:32
redhat
redhat
(RHSA-2018:2372) Critical: cobbler security update
2018-08-09 15:32:57
ubuntu
ubuntu
Cobbler vulnerabilities
2023-11-13 00:00:00