Sos

sos

Vendor: Sos Project • 3 CVEs

CVEs (3)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2022-2806 2Ovirt Sos Project 2Log Collector Sos Nov 21, 2024 Sep 1, 2022 N/A· v4 5.5 MEDIUM· v3 N/A· v2 It was found that the ovirt-log-collector/sosreport collects the RHV admin password unfiltered. Fixed in: sos-4.2-20.el8_6, ovirt-log-collector-4.4.7-2.el8ev
CVE-2015-7529 3Canonical RedhatSos Project 8Enterprise Linux Desktop Enterprise Linux ServerEnterprise Linux Server Aus+5 more May 13, 2026 Nov 6, 2017 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 sosreport in SoS 3.x allows local users to obtain sensitive information from sosreport files or gain privileges via a symlink attack on an archive file in a temporary directory, as demonstrated by sosreport-$hostname-$da...Show more sosreport in SoS 3.x allows local users to obtain sensitive information from sosreport files or gain privileges via a symlink attack on an archive file in a temporary directory, as demonstrated by sosreport-$hostname-$date.tar in /tmp/sosreport-$hostname-$date.Show less
CVE-2015-3171 1Sos Project 1Sos May 13, 2026 Jul 25, 2017 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 sosreport 3.2 uses weak permissions for generated sosreport archives, which allows local users with access to /var/tmp/ to obtain sensitive information by reading the contents of the archive.