VYPR

rpm package

opensuse/koan&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/koan&distro=openSUSE%20Tumbleweed

Vulnerabilities (2)

  • CVE-2016-9605MedAug 22, 2018
    affected < 3.0.1-1.2fixed 3.0.1-1.2

    A flaw was found in cobbler software component version 2.6.11-1. It suffers from an invalid parameter validation vulnerability, leading the arbitrary file reading. The flaw is triggered by navigating to a vulnerable URL via cobbler-web on a default installation.

  • CVE-2011-4953Oct 27, 2014
    affected < 3.0.1-1.2fixed 3.0.1-1.2

    The set_mgmt_parameters function in item.py in cobbler before 2.2.2 allows context-dependent attackers to execute arbitrary code via vectors related to the use of the yaml.load function instead of the yaml.safe_load function, as demonstrated using Puppet.