foreman_fog_proxmox 0.12.0
1 security vulnerability
found in version
0.12.0
Exposure of Sensitive Information to an Unauthorized Actor in foreman_fog_proxmox
high severity CVE-2021-20259
high severity
CVE-2021-20259
Patched versions:
>= 0.13.1
A flaw was found in the Foreman project. The Proxmox compute resource exposes the password through the API to an authenticated local attacker with view_hosts permission. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Versions before foreman_fog_proxmox 0.13.1 are affected
No officially reported memory leakage issues detected.
This gem version does not have any officially reported memory leaked issues.
No license issues detected.
This gem version has a license in the gemspec.
This gem version is available.
This gem version has not been yanked and is still available for usage.