cobbler@3.3.1 vulnerabilities

Network Boot and Update Server

Known vulnerabilities in the cobbler package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Vulnerability	Vulnerable Version
M Improper Input Validation cobbler is a network install server. Affected versions of this package are vulnerable to Improper Input Validation by navigating to a vulnerable URL via `cobbler-web` on a default installation. How to fix Improper Input Validation? There is no fixed version for `cobbler`.	[0,)
C Incorrect Permission Assignment for Critical Resource cobbler is a network install server. Affected versions of this package are vulnerable to Incorrect Permission Assignment for Critical Resource in `XMLRPC API` that can result in Privilege escalation, data manipulation or exfiltration, LDAP credential harvesting. How to fix Incorrect Permission Assignment for Critical Resource? There is no fixed version for `cobbler`.	[0,)
H Improper Authorization cobbler is a network install server. Affected versions of this package are vulnerable to Improper Authorization when it is configured to authenticate via `PAM`, account validity is missing. Therefore expired accounts can still login. How to fix Improper Authorization? Upgrade `cobbler` to version 3.3.2 or higher.	[,3.3.2)