PyPi: Cobbler

CVE-2024-47533

Safety vulnerability ID: 74187

This vulnerability was reviewed by experts

The information on this page was manually curated by our Cybersecurity Intelligence Team.

Created at Nov 18, 2024 Updated at Nov 25, 2024

Scan your Python projects for vulnerabilities →

Advisory

Affected versions of Cobbler are vulnerable to Improper Authentication. Anyone can connect to cobbler XML-RPC server with known password and make changes.

Affected package

cobbler

Latest version: 3.3.7

Network Boot and Update Server

Affected versions

Fixed versions

Vulnerability changelog

Cobbler [3.2.3](https://github.com/cobbler/cobbler/tree/v3.2.3) - 2024-11-17

The mean reason for this release is [CVE-2024-47533](https://github.com/cobbler/cobbler/security/advisories/GHSA-m26c-fcgh-cp6h)

71 files changed, 3162 insertions(+), 1287 deletions(-)

Milestone: https://github.com/cobbler/cobbler/milestone/20

Diff to last release: [`v3.2.3...v3.2.3`](https://github.com/cobbler/cobbler/compare/v3.2.2...v3.2.3)

Fixed

TBD

Added

TBD

Resources

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47533

Use this package?

Scan your Python project for dependency vulnerabilities in two minutes

Scan your application