Cockpit-project Cockpit — known CVE vulnerabilities
Every CVE whose affected-product data names Cockpit-project Cockpit, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2019-3804 — CVSS 7.5 (high): It was found that cockpit before version 184 used glib's base64 decode functionality incorrectly resulting in a denial of service attack…
CVE-2021-3698 — CVSS 7.5 (high): A flaw was found in Cockpit in versions prior to 260 in the way it handles the certificate verification performed by the System Security…
CVE-2020-35850 — CVSS 6.5 (medium): An SSRF issue was discovered in cockpit-project.org Cockpit 234. NOTE: this is unrelated to the Agentejo Cockpit product. NOTE: the vendor…
CVE-2021-3660 — CVSS 4.3 (medium): Cockpit (and its plugins) do not seem to protect itself against clickjacking. It is possible to render a page from a cockpit server via…