exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 4

CVE-2010-2235

больше 15 лет назад

template_api.py in Cobbler before 2.0.7, as used in Red Hat Network Satellite Server and other products, does not disable the ability of the Cheetah template engine to execute Python statements contained in templates, which allows remote authenticated administrators to execute arbitrary code via a crafted kickstart template file, a different vulnerability than CVE-2008-6954.

CVSS2: 7.1

EPSS: Низкий

CVE-2010-2235

около 15 лет назад

template_api.py in Cobbler before 2.0.7, as used in Red Hat Network Satellite Server and other products, does not disable the ability of the Cheetah template engine to execute Python statements contained in templates, which allows remote authenticated administrators to execute arbitrary code via a crafted kickstart template file, a different vulnerability than CVE-2008-6954.

CVSS2: 8.5

EPSS: Низкий

CVE-2010-2235

около 15 лет назад

template_api.py in Cobbler before 2.0.7, as used in Red Hat Network Sa ...

CVSS2: 8.5

EPSS: Низкий

GHSA-jhm7-38xj-pvm8

больше 3 лет назад

Cobbler is vulnerable to code injection

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2010-2235 template_api.py in Cobbler before 2.0.7, as used in Red Hat Network Satellite Server and other products, does not disable the ability of the Cheetah template engine to execute Python statements contained in templates, which allows remote authenticated administrators to execute arbitrary code via a crafted kickstart template file, a different vulnerability than CVE-2008-6954.	CVSS2: 7.1	2% Низкий	больше 15 лет назад
CVE-2010-2235 template_api.py in Cobbler before 2.0.7, as used in Red Hat Network Satellite Server and other products, does not disable the ability of the Cheetah template engine to execute Python statements contained in templates, which allows remote authenticated administrators to execute arbitrary code via a crafted kickstart template file, a different vulnerability than CVE-2008-6954.	CVSS2: 8.5	2% Низкий	около 15 лет назад
CVE-2010-2235 template_api.py in Cobbler before 2.0.7, as used in Red Hat Network Sa ...	CVSS2: 8.5	2% Низкий	около 15 лет назад
GHSA-jhm7-38xj-pvm8 Cobbler is vulnerable to code injection		2% Низкий	больше 3 лет назад

Уязвимостей на страницу