Search CVE reports


Toggle filters

1 – 6 of 6 results


CVE-2022-2806

Medium priority
Fixed

It was found that the ovirt-log-collector/sosreport collects the RHV admin password unfiltered. Fixed in: sos-4.2-20.el8_6, ovirt-log-collector-4.4.7-2.el8ev

1 affected packages

sosreport

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
sosreport Fixed Fixed Fixed Fixed
Show less packages

CVE-2018-14650

Medium priority
Not affected

It was discovered that sos-collector does not properly set the default permissions of newly created files, making all files created by the tool readable by any local user. A local attacker may use this flaw by waiting for a legit...

1 affected packages

sosreport

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
sosreport Not affected Not affected
Show less packages

CVE-2015-3171

Medium priority
Not affected

sosreport 3.2 uses weak permissions for generated sosreport archives, which allows local users with access to /var/tmp/ to obtain sensitive information by reading the contents of the archive.

1 affected packages

sosreport

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
sosreport
Show less packages

CVE-2015-7529

Low priority
Fixed

sosreport in SoS 3.x allows local users to obtain sensitive information from sosreport files or gain privileges via a symlink attack on an archive file in a temporary directory, as demonstrated by sosreport-$hostname-$date.tar in...

1 affected packages

sosreport

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
sosreport
Show less packages

CVE-2014-3925

Low priority
Fixed

sosreport in Red Hat sos 1.7 and earlier on Red Hat Enterprise Linux (RHEL) 5 produces an archive with an fstab file potentially containing cleartext passwords, and lacks a warning about reviewing this archive to detect included...

1 affected packages

sosreport

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
sosreport
Show less packages

CVE-2014-0246

Low priority
Fixed

SOSreport stores the md5 hash of the GRUB bootloader password in an archive, which allows local users to obtain sensitive information by reading the archive.

1 affected packages

sosreport

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
sosreport Not affected
Show less packages