Medium severity6.1NVD Advisory· Published Aug 22, 2018· Updated Jun 17, 2026
CVE-2016-9605
CVE-2016-9605
Description
A flaw was found in cobbler software component version 2.6.11-1. It suffers from an invalid parameter validation vulnerability, leading the arbitrary file reading. The flaw is triggered by navigating to a vulnerable URL via cobbler-web on a default installation.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
cobblerPyPI | <= 2.6.11-1 | — |
Affected products
6- ghsa-coords5 versionspkg:pypi/cobblerpkg:rpm/opensuse/cobbler&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/koan&distro=openSUSE%20Tumbleweedpkg:rpm/suse/cobbler&distro=SUSE%20Manager%20Client%20Tools%2012pkg:rpm/suse/cobbler&distro=SUSE%20Manager%20Server%203.0
<= 2.6.11-1+ 4 more
- (no CPE)range: <= 2.6.11-1
- (no CPE)range: < 3.2.1.336+git.5639a3af-1.1
- (no CPE)range: < 3.0.1-1.2
- (no CPE)range: < 2.6.6-48.1
- (no CPE)range: < 2.6.6-48.1
- The cobbler Project/cobblerv5Range: 2.6.11-1
Patches
Vulnerability mechanics
References
3- bugzilla.redhat.com/show_bug.cginvdIssue TrackingThird Party AdvisoryWEB
- github.com/advisories/GHSA-4vc9-4xpq-77vmghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2016-9605ghsaADVISORY
News mentions
0No linked articles in our index yet.