Showing 1 - 1 of 1

CVE-2021-45082

Status Candidate

Overview

An issue was discovered in Cobbler before 3.3.1. In the templar.py file, the function check_for_invalid_imports can allow Cheetah code to import Python modules via the "#from MODULE import" substring. (Only lines beginning with #import are blocked.)

Related Files

Ubuntu Security Notice USN-6475-1: Posted Nov 15, 2023; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 6475-1 - It was discovered that Cobbler did not properly handle user input, which could result in an absolute path traversal. An attacker could possibly use this issue to read arbitrary files. It was discovered that Cobbler did not properly handle user input, which could result in command injection. An attacker could possibly use this issue to execute arbitrary code with high privileges.; tags | advisory, arbitrary; systems | linux, ubuntu; advisories | CVE-2014-3225, CVE-2018-10931, CVE-2021-45082, CVE-2021-45083, CVE-2022-0860; SHA-256 | 0f5bdfd830c1045876a39f585eab0d4480ccae6d44a7e287338db0cbc5144e33; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 228 files
Ubuntu 89 files
Gentoo 31 files
Debian 22 files
tmrswrr 10 files
Sina Kheirkhah 7 files
bRpsd 4 files
Rodolfo Tavares 4 files
nu11secur1ty 3 files
Google Security Research 3 files

File Archives

Systems

AIX (429)
Apple (2,090)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,079)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,531)
HPUX (880)
iOS (376)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,380)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,289)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,663)
UNIX (9,426)
UnixWare (187)
Windows (6,666)
Other

CVE-2021-45082

Overview

Related Files

File Archive:

July 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems