阿里云漏洞库

CVE编号

CVE-2022-0860

利用情况

暂无

补丁情况

官方补丁

披露时间

2022-03-11

Cobbler是一款网络安装服务器套件，它主要用于快速建立Linux网络安装环境。

Cobbler 3.3.2之前版本中存在安全漏洞，该漏洞源于应用中存在不正确的授权。

目前厂商已发布升级补丁以修复漏洞，补丁获取链接：

https://github.com/cobbler/cobbler/commit/9044aa990a94752fa5bd5a24051adde099280bfa

参考链接
https://github.com/cobbler/cobbler/commit/9044aa990a94752fa5bd5a24051adde099280bfa
https://huntr.dev/bounties/c458b868-63df-414e-af10-47e3745caa1d
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedora...
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedora...
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedora...