AVG-1393 log
| Package | cockpit |
| Status | Fixed |
| Severity | Medium |
| Type | multiple issues |
| Affected | 259-1 |
| Fixed | 260-1 |
| Current | 342-1 [extra] |
| Ticket | None |
| Created | Wed Dec 30 11:02:54 2020 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2021-3698 | Medium | Yes | Certificate verification bypass | A security issue was found in Cockpit in the way it handles the certificate verification performed by the System Security Services Daemon (SSSD). This flaw... |
| CVE-2020-35850 | Low | Yes | Cross-site request forgery | A server-side request forgery issue was discovered in cockpit- project.org Cockpit 234. It allows a user to send requests to internal hosts for detecting... |