Skip to main content

Mondoo Vulnerability Intelligence

Curated by Mondoo Research, enhanced with AI

Resources

Search Vulnerabilities
Trending CVEs
Browse Ecosystems
Terminology
Blog

Open Source

cnquery
cnspec

Star us on GitHub!

Company

Mondoo Platform
About
Contact

© 2026 Mondoo, Inc.

Privacy Policy Terms of Service Imprint

Vulnerability Intelligence

SUSE-SU-2018:2608-1 | Mondoo Vulnerability Intelligence

Vulnerability IntelligenceSUSE-SU-2018:2608-1

SUSE-SU-2018:2608-1

UNKNOWN

Security update for cobbler

Published Sep 4, 2018

Modified 7 years ago

Fix available

Details

This update for cobbler fixes the following issues:

Security issues fixed:

Forbid exposure of private methods in the API (CVE-2018-10931, CVE-2018-1000225, bsc#1104287, bsc#1104189, bsc#1105442)
Check access token when calling 'modify_setting' API endpoint (bsc#1104190, bsc#1105440, CVE-2018-1000226)

Other bugs fixed:

Fix kernel options when generating bootiso (bsc#1101670)

Affected Packages

cobbler

SUSE Manager Server 3.1

Fixed in:

2.6.6-5.17.1

References

https://bugzilla.suse.com/1101670

https://bugzilla.suse.com/1104189

https://bugzilla.suse.com/1104190

https://bugzilla.suse.com/1104287

https://bugzilla.suse.com/1105440

https://bugzilla.suse.com/1105442

https://www.suse.com/security/cve/CVE-2018-1000225

https://www.suse.com/security/cve/CVE-2018-1000226

https://www.suse.com/security/cve/CVE-2018-10931

https://www.suse.com/support/update/announcement/2018/suse-su-20182608-1/

Upstream

CVE-2018-1000225 CVE-2018-1000226 CVE-2018-10931

Related

CVE-2018-1000225 CVE-2018-1000226 CVE-2018-10931

Ecosystems

SUSE Manager Server 3.1

Timeline

PublishedSep 4, 2018

ModifiedSep 4, 2018