Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

pypi cobbler Security Advisories

Loading...
High
GSA_kwCzR0hTQS1qaG03LTM4eGotcHZtOM4AAgFD
Cobbler is vulnerable to code injection
Ecosystems: pypi
Packages: cobbler
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS1nMzRjLW1nNm0teHZ4as4AAfoT
Cobbler subject to Command Injection
Ecosystems: pypi
Packages: cobbler
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1ocGozLTVwNDYtZzg3d84AAeNk
Cobbler vulnerable to code injection via unsafe YAML loading
Ecosystems: pypi
Packages: cobbler
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS1wOHcyLWY0NHAtZm1jas4AAaur
Cobbler Web Interface Kickstart Template Remote Privilege Escalation Vulnerability
Ecosystems: pypi
Packages: cobbler
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
Critical
GSA_kwCzR0hTQS05Nmh3LXY1OTgtanZnaM4AAXi3
Cobbler vulnerable to arbitrary code execution
Ecosystems: pypi
Packages: cobbler
Source: GitHub Advisory Database
Blast Radius: 10.2
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS14Yzd3LWp2aHgtcDZxOc4AAWID
Cobbler Path Traversal vulnerability
Ecosystems: pypi
Packages: cobbler
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1xOWc1LTk4cG0tdzZxN84AAVU1
Cobbler XSS Vulnerability
Ecosystems: pypi
Packages: cobbler
Source: GitHub Advisory Database
Blast Radius: 6.4
Published: about 2 years ago
Critical
GSA_kwCzR0hTQS04Nzg3LTYzcHgtM20yM84AATHc
Cobbler has Exposed Dangerous Method or Function
Ecosystems: pypi
Packages: cobbler
Source: GitHub Advisory Database
Blast Radius: 10.2
Published: about 2 years ago
Critical
GSA_kwCzR0hTQS1mODhxLTIyZzgtZnJjZ84AASjg
Cobbler Improper Validation of Security Tokens
Ecosystems: pypi
Packages: cobbler
Source: GitHub Advisory Database
Blast Radius: 10.2
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS00dmM5LTR4cHEtNzd2bc4AARmW
Cobbler Arbitrary File Read
Ecosystems: pypi
Packages: cobbler
Source: GitHub Advisory Database
Blast Radius: 6.4
Published: about 2 years ago
High
GSA_kwCzR0hTQS05ZnFyLXBxYzktZjdwas0_Ew
Cobbler Web Interface Lacks CSRF Protection
Ecosystems: pypi
Packages: cobbler
Source: GitHub Advisory Database
Blast Radius: 9.2
Published: about 2 years ago
High
GSA_kwCzR0hTQS1tY2c2LWgzNjItY21xNc0yIQ
Improper Authorization in cobbler
Ecosystems: pypi
Packages: cobbler
Source: GitHub Advisory Database
Blast Radius: 8.5
Published: over 2 years ago
High
GSA_kwCzR0hTQS01OTQ2LW1wdzUtcHF4eM0t4A
Incorrect Default Permissions in Cobbler
Ecosystems: pypi
Packages: cobbler
Source: GitHub Advisory Database
Blast Radius: 7.4
Published: over 2 years ago
High
GSA_kwCzR0hTQS02Y200LWdtODUtOTcyY80t2w
Command Injection in Cobbler
Ecosystems: pypi
Packages: cobbler
Source: GitHub Advisory Database
Blast Radius: 8.1
Published: over 2 years ago
High
GSA_kwCzR0hTQS1jcjNmLXIyNGotM2Nod80WIw
Cobbler before 3.3.0 allows authorization bypass for modification of settings.
Ecosystems: pypi
Packages: cobbler
Source: GitHub Advisory Database
Blast Radius: 7.8
Published: almost 3 years ago
High
GSA_kwCzR0hTQS1jcHFmLTNjM3ItYzlnMs0WIg
Cobbler before 3.3.0 allows log poisoning
Ecosystems: pypi
Packages: cobbler
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 3 years ago
High
GSA_kwCzR0hTQS00Y2ZyLWdqZngtZmozeM0WIQ
Cobbler before 3.3.0 allows arbitrary file write operations via upload_log_data.
Ecosystems: pypi
Packages: cobbler
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 3 years ago
Statistics
Advisories: 19,479
Packages: 8,596
Repositories: 2
Ecosystems: 12
Filter by Package
tensorflow 432 tensorflow-cpu 387 tensorflow-gpu 384 apache-airflow 80 django 80 ansible 63 salt 55 Plone 52 apache-superset 50 nova 47 mlflow 46 plone 43 rdiffweb 42 Pillow 41 vyper 38 Django 36 moin 35 matrix-synapse 35 keystone 31 opencv-contrib-python 30 opencv-python 30 glance 20 langchain 19 gradio 18 cobbler 17 mercurial 17 PaddlePaddle 17 pillow 16 neutron 16 cryptography 15 paddlepaddle 15 notebook 15 modoboa 14 pyftpdlib 14 pyload-ng 14 OctoPrint 13 vantage6 13 ethyca-fides 13 urllib3 12 swift 12 wagtail 12 calibreweb 11 twisted 11 horizon 11 zenml 11 onionshare-cli 11 aiohttp 11 trytond 10 Flask-AppBuilder 10 nautobot 10 ryu 9 waitress 9 cinder 9 opencv-python-headless 9 opencv-contrib-python-headless 9 Zope 9 kiwitcms 9 zope 9 roundup 9 numpy 8 trac 8 python-keystoneclient 8 aubio 8 label-studio 8 pysaml2 7 scrapy 7 jupyter-server 7 lief 7 pgadmin4 7 sentry 7 matrix-sydent 7 ipython 7 pip 7 litellm 7 lollms 7 web2py 6 tornado 6 mindsdb 6 inventree 6 Moin 6 tuf 6 yt-dlp 6 requests 6 lxml 6 graphite-web 6 apache-airflow-providers-apache-hive 6 Zope2 6 mailman 6 python-gnupg 5 nltk 5 omero-web 5 Jinja2 5 pyspark 5 ckan 5 Products.CMFPlone 5 lmdb 5 saleor 5 feedparser 5 oauthenticator 5 whoogle-search 5 bleach 5 paramiko 5 markdown2 4 Scrapy 4 jupyterhub 4 Radicale 4 qutebrowser 4 PyPDF2 4 transformers 4 FreeTAKServer-UI 4 GitPython 4 reportlab 4 keylime 4 Pygments 4 buildbot 4 httpie 4 esphome 4 Weblate 4 tripleo-heat-templates 4 pretix 4 awsiotsdk 4 aws-iot-device-sdk-v2 4 software.amazon.awssdk.iotdevicesdk:aws-iot-device-sdk 4 jwcrypto 4 bottle 4 grpcio 4 grpc 4 starlette 4 werkzeug 4 Flask-Security-Too 4 ansible-core 4 datasette 4 Keystone 4 Werkzeug 4 barbican 4 nvflare 4 apache-iotdb 3 rsa 3 copyparty 3 fava 3 flask 3 apache-airflow-providers-apache-spark 3 pyyaml 3 Nova 3 SQLAlchemy 3 apache-libcloud 3 vanna 3 Kallithea 3 langchain-experimental 3 mitmproxy 3 mayan-edms 3 pandasai 3 certifi 3 protobuf 3 indico 3 ray 3 streamlit 3 dtale 3 asyncssh 3 keyring 3 pyarrow 3 changedetection.io 3 wger 3 asyncua 3 ajenti 3 dbt-core 3 sanic 3 scikit-learn 3 llama-index 3 ansible-runner 3 dulwich 3 octavia 3 slixmpp 3 clearml 3 docassemble.webapp 3 quokka 3 pycrypto 3 plone.app.event 3 plone.app.theming 3 plone.app.dexterity 3 plone.supermodel 3 Red-DiscordBot 3 django-helpdesk 3 sqlparse 3 ujson 3 jupyter-server-proxy 3 io.grpc:grpc-protobuf 3 Mezzanine 3 sickrage 3 sosreport 3 httplib2 3 torchserve 3 homeassistant 3 onnx 3 python-jose 3 jupyterlab 3 poetry 3 localstack 3 mistune 3 openvpn-monitor 3