目標達成 すべての支援者に感謝 — 100%達成しました!

目標: 1000 CNY · 調達済み: 1000 CNY

100.0%
コーヒーを一杯おごる

cockpit-hq 厂商漏洞列表 / CVE 中文分析 16

cockpit-hq 厂商相关 16 条 CVE 漏洞,含 AI 中文分析、POC、CVSS 评分与受影响产品。

Cockpit-HQ 是一个开源的 IT 基础设施管理平台,提供服务器、容器和虚拟机的统一管理界面。历史上,该项目常见漏洞类型包括远程代码执行(RCE)、跨站脚本(XSS)和权限绕过问题。截至最新统计,该项目已记录 16 条 CVE 漏洞,主要集中在身份验证机制和 API 端点安全方面。用户需关注其权限配置和输入验证机制,以防范潜在的安全风险。

上位製品 cockpit-hq: cockpit-hq/cockpit Cockpit
CVE IDタイトルCVSS深刻度公開日
CVE-2026-6626 Cockpit-HQ Cockpit Asset Handler/Aggregate data query logic injection — CockpitCWE-943 6.3 Medium2026-04-20
CVE-2026-31891 Cockpit CMS has SQL Injection in MongoLite Aggregation Optimizer via toJsonExtractRaw() — CockpitCWE-89 7.7 High2026-03-18
CVE-2023-4451 Cross-site Scripting (XSS) - Reflected in cockpit-hq/cockpit — cockpit-hq/cockpitCWE-79 5.4 -2023-08-20
CVE-2023-4433 Cross-site Scripting (XSS) - Stored in cockpit-hq/cockpit — cockpit-hq/cockpitCWE-79 5.4 -2023-08-19
CVE-2023-4432 Cross-site Scripting (XSS) - Reflected in cockpit-hq/cockpit — cockpit-hq/cockpitCWE-79 5.4 -2023-08-19
CVE-2023-4422 Cross-site Scripting (XSS) - Stored in cockpit-hq/cockpit — cockpit-hq/cockpitCWE-79 5.4 -2023-08-18
CVE-2023-4395 Cross-site Scripting (XSS) - Stored in cockpit-hq/cockpit — cockpit-hq/cockpitCWE-79 5.4 -2023-08-17
CVE-2023-4321 Cross-site Scripting (XSS) - Stored in cockpit-hq/cockpit — cockpit-hq/cockpitCWE-79 5.4 -2023-08-14
CVE-2023-4196 Cross-site Scripting (XSS) - Stored in cockpit-hq/cockpit — cockpit-hq/cockpitCWE-79 5.4 -2023-08-06
CVE-2023-4195 PHP Remote File Inclusion in cockpit-hq/cockpit — cockpit-hq/cockpitCWE-98 8.8 -2023-08-06
CVE-2023-1313 Unrestricted Upload of File with Dangerous Type in cockpit-hq/cockpit — cockpit-hq/cockpitCWE-434 8.8 -2023-03-10
CVE-2023-1160 Use of Platform-Dependent Third Party Components in cockpit-hq/cockpit — cockpit-hq/cockpitCWE-1103 7.5 -2023-03-03
CVE-2023-0780 Improper Restriction of Rendered UI Layers or Frames in cockpit-hq/cockpit — cockpit-hq/cockpitCWE-1021 5.4 -2023-02-11
CVE-2023-0759 Privilege Chaining in cockpit-hq/cockpit — cockpit-hq/cockpitCWE-268 8.8 -2023-02-09
CVE-2022-2818 Improper Removal of Sensitive Information Before Storage or Transfer in cockpit-hq/cockpit — cockpit-hq/cockpitCWE-212 9.8 Critical2022-08-15
CVE-2022-2713 Insufficient Session Expiration in cockpit-hq/cockpit — cockpit-hq/cockpitCWE-613 9.8 -2022-08-08

本页汇总了 cockpit-hq 厂商截至目前公开的全部 16 条 CVE 漏洞。每条漏洞均包含 CVSS 评分、CWE 弱点分类、受影响产品与参考链接,并附带 AI 生成的中文分析以便快速判断风险。