Foreman Foreman
5 CVEs affecting Foreman Foreman. Latest disclosed: 2019-12-11. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2017-7505 | High | 8.8 | 2017-05-26 | Foreman since version 1.5 is vulnerable to an incorrect authorization check due to which users with user management permission who are assigned to some organiz… |
CVE-2017-7535 | Medium | 6.1 | 2018-07-26 | foreman before version 1.16.0 is vulnerable to a stored XSS in organizations/locations assignment to hosts. Exploiting this requires a user to actively assign… |
CVE-2016-7078 | Medium | 4.3 | 2018-09-10 | foreman before version 1.15.0 is vulnerable to an information leak through organizations and locations feature. When a user is assigned _no_ organizations/loca… |
CVE-2016-7077 | Medium | 4.3 | 2018-09-10 | foreman before 1.14.0 is vulnerable to an information leak. It was found that Foreman form helper does not authorize options for associated objects. Unauthoriz… |
CVE-2014-0091 | | 2019-12-11 | Foreman has improper input validation which could lead to partial Denial of Service |