Cosmos provides users the ability self-host a home server by acting as a secure gateway to your application, as well as a server manager. Cosmos-server is vulnerable due to to the authorization header used for user login remaining valid and not expiring after log out. This vulnerability allows an attacker to use the token to gain unauthorized access to the application/system even after the user has logged out. This issue has been patched in version 0.13.0.
Find out more about CVE-2023-49091 from the MITRE-CVE dictionary and NIST NVD
Login may be required to access defects or downloads.
| Product Name | Status | Defect | Fixed | Downloads |
|---|---|---|---|---|
| Linux | ||||
| Wind River Linux LTS 17 | Not Vulnerable | -- | -- | -- |
| Wind River Linux 8 | Not Vulnerable | -- | -- | -- |
| Wind River Linux 9 | Not Vulnerable | -- | -- | -- |
| Wind River Linux 7 | Not Vulnerable | -- | -- | -- |
| Wind River Linux LTS 21 | Not Vulnerable | -- | -- | -- |
| Wind River Linux LTS 22 | Not Vulnerable | -- | -- | -- |
| Wind River Linux LTS 18 | Not Vulnerable | -- | -- | -- |
| Wind River Linux LTS 19 | Not Vulnerable | -- | -- | -- |
| Wind River Linux CD release | N/A | -- | -- | -- |
| Wind River Linux 6 | Not Vulnerable | -- | -- | -- |
| Wind River Linux LTS 23 | Not Vulnerable | -- | -- | -- |
| VxWorks | ||||
| VxWorks 7 | Not Vulnerable | -- | -- | -- |
| VxWorks 6.9 | Not Vulnerable | -- | -- | -- |
| Helix Virtualization Platform Cert Edition | ||||
| Helix Virtualization Platform Cert Edition | Not Vulnerable | -- | -- | -- |
| eLxr | ||||
| eLxr 12 | Not Vulnerable | -- | -- | -- |
| Product Name | Status | Defect | Fixed | Downloads |
|---|
