Approved changes feed: RSS · Atom
cpe:2.3:a:[unknown]:foreman:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | [Unknown] (5b07108a-8f0c-5d28-ab99-c4ff62adb460) |
|---|---|
| Product | Foreman (0fad5473-6fed-5f7b-91e9-a0289a63a6fa) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2018-14664 |
vulnerable | 2026-06-03 14:38:12.401660 |
Details available
MEDIUM (5.4)
A flaw was found in foreman from versions 1.18. A stored cross-site scripting vulnerability exists due to an improperly escaped HTML code in the breadcrumbs bar. This allows a user with permissions to edit which attribute is used in the breadcrumbs bar to store code that will be executed on the client side.
Published: 2018-10-12T20:00:00.000Z
Updated: 2024-08-05T09:38:12.688Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-2672 |
vulnerable | 2026-06-03 14:37:07.956939 |
Details available
MEDIUM (6.5)
A flaw was found in foreman before version 1.15 in the logging of adding and registering images. An attacker with access to the foreman log file would be able to view passwords for provisioned systems in the log file, allowing them to access those systems.
Published: 2018-06-21T13:00:00.000Z
Updated: 2024-08-05T14:02:07.221Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.