vulnerability
Oracle Linux: CVE-2019-3804: ELSA-2019-0482: cockpit security update (MODERATE)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:L/Au:N/C:N/I:N/A:P) | Dec 13, 2018 | Jul 21, 2020 | Dec 3, 2025 |
Severity
5
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:P)
Published
Dec 13, 2018
Added
Jul 21, 2020
Modified
Dec 3, 2025
Description
It was found that cockpit before version 184 used glib's base64 decode functionality incorrectly resulting in a denial of service attack. An unauthenticated attacker could send a specially crafted request with an invalid base64-encoded cookie which could cause the web service to crash.
It was found that cockpit used glib's base64 decode functionality incorrectly resulting in a denial of service attack. An unauthenticated attacker could send a specially crafted request with an invalid base64-encoded cookie which could cause the web service to crash.
It was found that cockpit used glib's base64 decode functionality incorrectly resulting in a denial of service attack. An unauthenticated attacker could send a specially crafted request with an invalid base64-encoded cookie which could cause the web service to crash.
Solutions
oracle-linux-upgrade-cockpitoracle-linux-upgrade-cockpit-bridgeoracle-linux-upgrade-cockpit-docoracle-linux-upgrade-cockpit-machines-ovirtoracle-linux-upgrade-cockpit-systemoracle-linux-upgrade-cockpit-ws
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.