Every CVE whose affected-product data names Sos Project Sos, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2015-7529 — CVSS 7.8 (high): sosreport in SoS 3.x allows local users to obtain sensitive information from sosreport files or gain privileges via a symlink attack on an…
CVE-2015-3171 — CVSS 5.5 (medium): sosreport 3.2 uses weak permissions for generated sosreport archives, which allows local users with access to /var/tmp/ to obtain sensitive…
CVE-2022-2806 — CVSS 5.5 (medium): It was found that the ovirt-log-collector/sosreport collects the RHV admin password unfiltered. Fixed in: sos-4.2-20.el8_6…