Skip to main content

Early Access — Mondoo Vulnerability Intelligence is currently in preview.

Mondoo Vulnerability Intelligence

Curated by Mondoo Research, enhanced with AI

Resources

Search Vulnerabilities
Trending CVEs
Browse Ecosystems
Terminology
Blog

Open Source

cnquery
cnspec

Star us on GitHub!

Company

Mondoo Platform
About
Contact

© 2026 Mondoo, Inc.

Privacy Policy Terms of Service Imprint

Vulnerability Intelligence

SUSE-SU-2022:0510-1 | Mondoo Vulnerability Intelligence

SUSE-SU-2022:0510-1

UNKNOWN

Security update for cobbler

Published Feb 18, 2022

Modified 3 years ago

Fix available

Details

This update for cobbler fixes the following issues:

CVE-2021-45083: Fixed unsafe permissions on sensitive files (bsc#1193671).
CVE-2021-45082: Fixed incomplete template sanitation (bsc#1193678).

The following non-security bugs were fixed:

Fix issues with installation module logging and validation (bsc#1195918)
Move configuration files ownership to apache (bsc#1195906)
Remove hardcoded test credentials (bsc#1193673)
Prevent log pollution (bsc#1193675)
Missing sanity check on MongoDB configuration file (bsc#1193676)

Affected Packages

SUSE:Manager Server Module 4.1cobbler

Fixed in:

3.0.0+git20190806.32c4bae0-8.22.9.1

References

REPORThttps://bugzilla.suse.com/1193671 REPORThttps://bugzilla.suse.com/1193673 REPORThttps://bugzilla.suse.com/1193675 REPORThttps://bugzilla.suse.com/1193676 REPORThttps://bugzilla.suse.com/1193678 REPORThttps://bugzilla.suse.com/1195906 REPORThttps://bugzilla.suse.com/1195918 WEBhttps://www.suse.com/security/cve/CVE-2021-45082 WEBhttps://www.suse.com/security/cve/CVE-2021-45083 ADVISORYhttps://www.suse.com/support/update/announcement/2022/suse-su-20220510-1/

Upstream

CVE-2021-45082 CVE-2021-45083

Related

CVE-2021-45082 CVE-2021-45083

Ecosystems

SUSE Manager Server Module 4.1

Timeline

PublishedFeb 18, 2022

ModifiedFeb 18, 2022