Filtered by vendor Goteleport
Subscriptions
Filtered by product Teleport
Subscriptions
Total
5 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-41395 | 1 Goteleport | 1 Teleport | 2024-08-04 | 6.5 Medium |
| Teleport before 6.2.12 and 7.x before 7.1.1 allows attackers to control a database connection string, in some situations, via a crafted database name or username. | ||||
| CVE-2021-41393 | 1 Goteleport | 1 Teleport | 2024-08-04 | 9.8 Critical |
| Teleport before 4.4.11, 5.x before 5.2.4, 6.x before 6.2.12, and 7.x before 7.1.1 allows forgery of SSH host certificates in some situations. | ||||
| CVE-2021-41394 | 1 Goteleport | 1 Teleport | 2024-08-04 | 5.3 Medium |
| Teleport before 4.4.11, 5.x before 5.2.4, 6.x before 6.2.12, and 7.x before 7.1.1 allows alteration of build artifacts in some situations. | ||||
| CVE-2022-38599 | 1 Goteleport | 1 Teleport | 2024-08-03 | 6.5 Medium |
| Teleport v3.2.2, Teleport v3.5.6-rc6, and Teleport v3.6.3-b2 was discovered to contain an information leak via the /user/get-role-list web interface. | ||||
| CVE-2022-36633 | 1 Goteleport | 1 Teleport | 2024-08-03 | 8.8 High |
| Teleport 9.3.6 is vulnerable to Command injection leading to Remote Code Execution. An attacker can craft a malicious ssh agent installation link by URL encoding a bash escape with carriage return line feed. This url encoded payload can be used in place of a token and sent to a user in a social engineering attack. This is fully unauthenticated attack utilizing the trusted teleport server to deliver the payload. | ||||
Page 1 of 1.