cfme-gemset vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the cfme-gemset package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free

Vulnerability	Vulnerable Version
M Cross-site Request Forgery (CSRF)	<0:5.11.8.1-1.el8cf
M Cross-site Request Forgery (CSRF)	<0:5.11.8.1-1.el8cf
C Server-Side Request Forgery (SSRF)	<0:5.11.7.3-1.el8cf
C Server-Side Request Forgery (SSRF)	<0:5.11.7.3-1.el8cf
C Improper Input Validation	<0:5.11.7.3-1.el8cf
C Improper Input Validation	<0:5.11.7.3-1.el8cf
C Improper Access Control	<0:5.11.7.3-1.el8cf
C Improper Access Control	<0:5.11.7.3-1.el8cf
C Arbitrary Code Injection	<0:5.11.7.3-1.el8cf
C Arbitrary Code Injection	<0:5.11.7.3-1.el8cf
H Improper Authorization	<0:5.11.10.1-1.el8cf
H Improper Authorization	<0:5.11.10.1-1.el8cf
M Information Exposure	<0:5.11.6.0-1.el8cf
M Information Exposure	<0:5.11.6.0-1.el8cf
M Improperly Implemented Security Check for Standard	<0:5.11.0.28-1.el8cf
M Improperly Implemented Security Check for Standard	<0:5.11.0.28-1.el8cf
M Resource Exhaustion	*
M Information Exposure	*
L Information Exposure	*
M Resource Exhaustion	*
L Cross-site Request Forgery (CSRF)	*
M Resource Exhaustion	*
M Open Redirect	*
L Cross-site Scripting (XSS)	*
L Cross-site Request Forgery (CSRF)	*
L Improper Input Validation	*
L Cross-site Scripting (XSS)	*
L Improper Input Validation	*
L Improper Input Validation	*
M Eval Injection	*
H Improper Input Validation	<0:5.11.3.1-1.el8cf
H Improper Input Validation	<0:5.11.3.1-1.el8cf
M Information Exposure	*
L OS Command Injection	*
C Improper Authorization	<0:5.11.7.3-1.el8cf
C Improper Authorization	<0:5.11.7.3-1.el8cf
L Directory Traversal	*
C OS Command Injection	<0:5.11.7.3-1.el8cf
C OS Command Injection	<0:5.11.7.3-1.el8cf
C Improper Authorization	<0:5.11.7.3-1.el8cf
C Improper Authorization	<0:5.11.7.3-1.el8cf
C Expected Behavior Violation	<0:5.11.7.3-1.el8cf
C Expected Behavior Violation	<0:5.11.7.3-1.el8cf
M HTTP Response Splitting	*
M Cross-site Scripting (XSS)	*
M Resource Exhaustion	<0:5.11.1.2-1.el8cf
M Resource Exhaustion	<0:5.11.1.2-1.el8cf
L Reliance on Untrusted Inputs in a Security Decision	*
M Cross-site Scripting (XSS)	<0:5.11.0.28-1.el8cf
M Cross-site Scripting (XSS)	<0:5.11.0.28-1.el8cf
M Cross-site Scripting (XSS)	*
M Cross-site Scripting (XSS)	*

Vulnerability

Vulnerable Version

Cross-site Request Forgery (CSRF)

<0:5.11.8.1-1.el8cf