cfme vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the cfme package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Vulnerability	Vulnerable Version
C Server-Side Request Forgery (SSRF)	<0:5.11.7.3-1.el8cf
C Server-Side Request Forgery (SSRF)	<0:5.11.7.3-1.el8cf
C Improper Input Validation	<0:5.11.7.3-1.el8cf
C Improper Input Validation	<0:5.11.7.3-1.el8cf
C Improper Access Control	<0:5.11.7.3-1.el8cf
C Improper Access Control	<0:5.11.7.3-1.el8cf
C Arbitrary Code Injection	<0:5.11.7.3-1.el8cf
C Arbitrary Code Injection	<0:5.11.7.3-1.el8cf
H Improper Authorization	<0:5.11.10.1-1.el8cf
H Improper Authorization	<0:5.11.10.1-1.el8cf
M Information Exposure	<0:5.11.6.0-1.el8cf
M Information Exposure	<0:5.11.6.0-1.el8cf
M Improperly Implemented Security Check for Standard	<0:5.11.0.28-1.el8cf
M Improperly Implemented Security Check for Standard	<0:5.11.0.28-1.el8cf
H Improper Input Validation	<0:5.11.3.1-1.el8cf
H Improper Input Validation	<0:5.11.3.1-1.el8cf
C Improper Authorization	<0:5.11.7.3-1.el8cf
C Improper Authorization	<0:5.11.7.3-1.el8cf
C OS Command Injection	<0:5.11.7.3-1.el8cf
C OS Command Injection	<0:5.11.7.3-1.el8cf
C Improper Authorization	<0:5.11.7.3-1.el8cf
C Improper Authorization	<0:5.11.7.3-1.el8cf
C Expected Behavior Violation	<0:5.11.7.3-1.el8cf
C Expected Behavior Violation	<0:5.11.7.3-1.el8cf
M Cross-site Scripting (XSS)	*
M Resource Exhaustion	<0:5.11.1.2-1.el8cf
M Resource Exhaustion	<0:5.11.1.2-1.el8cf
M Cross-site Scripting (XSS)	<0:5.11.0.28-1.el8cf
M Cross-site Scripting (XSS)	<0:5.11.0.28-1.el8cf