CRITICAL9.8CVE-2026-4631Cockpit's remote login feature passes user-supplied hostnames and usernames from the web interface to the SSH client without validation or… from 0, < 337-1+deb13u1
from 0
HIGH7.5A flaw was found in Cockpit in versions prior to 260 in the way it handles the certificate verification performed by the System Security Se…
from 0
HIGH7.5It was found that cockpit before version 184 used glib's base64 decode functionality incorrectly resulting in a denial of service attack.
from 0, < 184-1
HIGH7.3cockpit - security update
from 0, < 287.1-0+deb12u1
HIGH7.3cockpit - security update
from 0, < 287.1-0+deb12u1
MEDIUM4.3Cockpit (and its plugins) do not seem to protect itself against clickjacking.
from 0
LOW3.2A flaw was found in the cockpit package.
from 0