AVG-1393 log

Package cockpit
Status Fixed
Severity Medium
Type multiple issues
Affected 259-1
Fixed 260-1
Current 269-1 [community]
Ticket None
Created Wed Dec 30 11:02:54 2020
Issue Severity Remote Type Description
CVE-2021-3698 Medium Yes Certificate verification bypass
A security issue was found in Cockpit in the way it handles the certificate verification performed by the System Security Services Daemon (SSSD). This flaw...
CVE-2020-35850 Low Yes Cross-site request forgery
A server-side request forgery issue was discovered in cockpit- project.org Cockpit 234. It allows a user to send requests to internal hosts for detecting...