tfm-rubygem-foreman_remote_execution-cockpit vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the tfm-rubygem-foreman_remote_execution-cockpit package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability	Vulnerable Version
H Reliance on Untrusted Inputs in a Security Decision	<0:3.3.7-1.el7sat
H Directory Traversal	<0:3.3.7-1.el7sat
H Incorrect Default Permissions	<0:3.3.7-1.el7sat
H Improper Validation of Certificate with Host Mismatch	<0:3.3.7-1.el7sat
H Improper Input Validation	<0:3.3.7-1.el7sat
H HTTP Request Smuggling	<0:3.3.7-1.el7sat
H Cross-site Scripting (XSS)	<0:3.3.7-1.el7sat
H Eval Injection	<0:3.3.7-1.el7sat
H HTTP Response Splitting	<0:3.3.7-1.el7sat
H Insufficiently Protected Credentials	<0:3.3.7-1.el7sat
H Improper Input Validation	<0:3.3.7-1.el7sat
H Improperly Implemented Security Check for Standard	<0:3.3.7-1.el7sat
H Cross-site Scripting (XSS)	<0:3.3.7-1.el7sat
H CVE-2018-3258	<0:3.3.7-1.el7sat
H Missing Authorization	<0:3.3.7-1.el7sat
M Information Exposure	<0:4.2.3-1.el7sat
M Missing Authorization	<0:4.2.3-1.el7sat
M Information Exposure Through Log Files	<0:4.2.3-1.el7sat
H Improper Input Validation	<0:3.3.7-1.el7sat
H Cross-site Scripting (XSS)	<0:3.3.7-1.el7sat
M Information Exposure	<0:4.2.3-1.el7sat
M Insufficiently Protected Credentials	<0:2.0.10.2-1.el7sat
H Improper Authorization	<0:2.0.10-1.el7sat
H Cleartext Transmission of Sensitive Information	<0:2.0.10-1.el7sat
H Improper Certificate Validation	<0:2.0.10-1.el7sat
H Insufficiently Protected Credentials	<0:3.3.7-1.el7sat
H Improper Authentication	<0:2.0.10.3-1.el7sat
H Improper Authentication	<0:3.3.7-1.el7sat
H Improper Authentication	<0:3.3.7-1.el7sat
M Information Exposure	<0:4.2.3-1.el7sat
H Information Exposure	<0:3.3.7-1.el7sat
H Incorrect Default Permissions	<0:3.3.7-1.el7sat
M SQL Injection	<0:4.2.3-1.el7sat
H Improperly Implemented Security Check for Standard	<0:3.3.7-1.el7sat
H Missing Authorization	<0:3.3.7-1.el7sat
H Improper Validation of Certificate with Host Mismatch	<0:3.3.7-1.el7sat
M Execution with Unnecessary Privileges	<0:4.2.3-1.el7sat
H HTTP Request Smuggling	<0:3.3.7-1.el7sat
M Out-of-Bounds	<0:4.2.3-1.el7sat
M Information Exposure	<0:4.2.3-1.el7sat
M Cross-site Request Forgery (CSRF)	<0:4.2.3-1.el7sat
H Cross-site Scripting (XSS)	<0:3.3.7-1.el7sat
M Cross-site Request Forgery (CSRF)	<0:4.2.3-1.el7sat
H Improper Input Validation	<0:3.3.7-1.el7sat
M Cross-site Scripting (XSS)	<0:4.2.3-1.el7sat
M Improper Input Validation	<0:4.2.3-1.el7sat
M Improper Input Validation	<0:4.2.3-1.el7sat
H Eval Injection	<0:3.3.7-1.el7sat
H Directory Traversal	<0:3.3.7-1.el7sat
H HTTP Response Splitting	<0:3.3.7-1.el7sat
H Reliance on Untrusted Inputs in a Security Decision	<0:3.3.7-1.el7sat
H Deserialization of Untrusted Data	<0:2.0.10.1-1.el7sat
H CVE-2018-3258	<0:3.3.7-1.el7sat
M Covert Timing Channel	<0:4.2.3-1.el7sat
H Covert Timing Channel	<0:3.3.7-1.el7sat
H Deserialization of Untrusted Data	<0:2.0.10-1.el7sat
H Deserialization of Untrusted Data	<0:3.3.7-1.el7sat
H Deserialization of Untrusted Data	<0:2.0.10.1-1.el7sat
H Deserialization of Untrusted Data	<0:3.3.7-1.el7sat
H Deserialization of Untrusted Data	<0:3.3.7-1.el7sat
H Deserialization of Untrusted Data	<0:2.0.10.1-1.el7sat
H Deserialization of Untrusted Data	<0:3.3.7-1.el7sat
H Deserialization of Untrusted Data	<0:3.3.7-1.el7sat
H Deserialization of Untrusted Data	<0:3.3.7-1.el7sat
H Deserialization of Untrusted Data	<0:2.0.10.1-1.el7sat
H Deserialization of Untrusted Data	<0:2.0.10.1-1.el7sat
H Deserialization of Untrusted Data	<0:3.3.7-1.el7sat
H Deserialization of Untrusted Data	<0:3.3.7-1.el7sat
M Information Exposure	<0:4.2.3-1.el7sat
H Deserialization of Untrusted Data	<0:3.3.7-1.el7sat
H Deserialization of Untrusted Data	<0:3.3.7-1.el7sat
H Deserialization of Untrusted Data	<0:2.0.10.1-1.el7sat
H Deserialization of Untrusted Data	<0:2.0.10.1-1.el7sat
H Deserialization of Untrusted Data	<0:3.3.7-1.el7sat
H Deserialization of Untrusted Data	<0:3.3.7-1.el7sat
H Deserialization of Untrusted Data	<0:2.0.10.1-1.el7sat
H Deserialization of Untrusted Data	<0:3.3.7-1.el7sat
H Deserialization of Untrusted Data	<0:3.3.7-1.el7sat
H Deserialization of Untrusted Data	<0:2.0.10.1-1.el7sat
H Deserialization of Untrusted Data	<0:3.3.7-1.el7sat
H Deserialization of Untrusted Data	<0:3.3.7-1.el7sat
H Deserialization of Untrusted Data	<0:2.0.10.1-1.el7sat
H Deserialization of Untrusted Data	<0:3.3.7-1.el7sat
H Deserialization of Untrusted Data	<0:3.3.7-1.el7sat
H Deserialization of Untrusted Data	<0:2.0.10.1-1.el7sat
H Deserialization of Untrusted Data	<0:3.3.7-1.el7sat
H Deserialization of Untrusted Data	<0:3.3.7-1.el7sat
H Deserialization of Untrusted Data	<0:2.0.10.1-1.el7sat
M Use After Free	<0:4.2.3-1.el7sat
H Deserialization of Untrusted Data	<0:2.0.10-1.el7sat

Vulnerability

Vulnerable Version

Reliance on Untrusted Inputs in a Security Decision

<0:3.3.7-1.el7sat

Directory Traversal

<0:3.3.7-1.el7sat

Incorrect Default Permissions

<0:3.3.7-1.el7sat

Improper Validation of Certificate with Host Mismatch

<0:3.3.7-1.el7sat

Improper Input Validation

<0:3.3.7-1.el7sat