RHSA-2026:7384

See a problem?
Please try reporting it to the source first.
Source
https://access.redhat.com/errata/RHSA-2026:7384
Import Source
https://security.access.redhat.com/data/osv/RHSA-2026:7384.json
JSON Data
https://api.osv.dev/v1/vulns/RHSA-2026:7384
Upstream
  • CVE-2026-4631
Published
2026-04-11T10:06:16Z
Modified
2026-04-11T10:31:43.424110Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
Red Hat Security Advisory: cockpit: Unauthenticated remote code execution due to SSH command-line argument injection
Details
References

Affected packages

Red Hat:enterprise_linux:9::appstream
cockpit

Package

Name
cockpit
Purl
pkg:rpm/redhat/cockpit

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:344-2.el9_7

Database specific

source 
"https://security.access.redhat.com/data/osv/RHSA-2026:7384.json"
cockpit-bridge

Package

Name
cockpit-bridge
Purl
pkg:rpm/redhat/cockpit-bridge

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:344-2.el9_7

Database specific

source 
"https://security.access.redhat.com/data/osv/RHSA-2026:7384.json"
cockpit-debuginfo

Package

Name
cockpit-debuginfo
Purl
pkg:rpm/redhat/cockpit-debuginfo

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:344-2.el9_7

Database specific

source 
"https://security.access.redhat.com/data/osv/RHSA-2026:7384.json"
cockpit-debugsource

Package

Name
cockpit-debugsource
Purl
pkg:rpm/redhat/cockpit-debugsource

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:344-2.el9_7

Database specific

source 
"https://security.access.redhat.com/data/osv/RHSA-2026:7384.json"
cockpit-doc

Package

Name
cockpit-doc
Purl
pkg:rpm/redhat/cockpit-doc

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:344-2.el9_7

Database specific

source 
"https://security.access.redhat.com/data/osv/RHSA-2026:7384.json"
cockpit-packagekit

Package

Name
cockpit-packagekit
Purl
pkg:rpm/redhat/cockpit-packagekit

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:344-2.el9_7

Database specific

source 
"https://security.access.redhat.com/data/osv/RHSA-2026:7384.json"
cockpit-storaged

Package

Name
cockpit-storaged
Purl
pkg:rpm/redhat/cockpit-storaged

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:344-2.el9_7

Database specific

source 
"https://security.access.redhat.com/data/osv/RHSA-2026:7384.json"
cockpit-system

Package

Name
cockpit-system
Purl
pkg:rpm/redhat/cockpit-system

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:344-2.el9_7

Database specific

source 
"https://security.access.redhat.com/data/osv/RHSA-2026:7384.json"
cockpit-ws

Package

Name
cockpit-ws
Purl
pkg:rpm/redhat/cockpit-ws

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:344-2.el9_7

Database specific

source 
"https://security.access.redhat.com/data/osv/RHSA-2026:7384.json"
cockpit-ws-selinux

Package

Name
cockpit-ws-selinux
Purl
pkg:rpm/redhat/cockpit-ws-selinux

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:344-2.el9_7

Database specific

source 
"https://security.access.redhat.com/data/osv/RHSA-2026:7384.json"
Red Hat:enterprise_linux:9::baseos
cockpit

Package

Name
cockpit
Purl
pkg:rpm/redhat/cockpit

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:344-2.el9_7

Database specific

source 
"https://security.access.redhat.com/data/osv/RHSA-2026:7384.json"
cockpit-bridge

Package

Name
cockpit-bridge
Purl
pkg:rpm/redhat/cockpit-bridge

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:344-2.el9_7

Database specific

source 
"https://security.access.redhat.com/data/osv/RHSA-2026:7384.json"
cockpit-debuginfo

Package

Name
cockpit-debuginfo
Purl
pkg:rpm/redhat/cockpit-debuginfo

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:344-2.el9_7

Database specific

source 
"https://security.access.redhat.com/data/osv/RHSA-2026:7384.json"
cockpit-debugsource

Package

Name
cockpit-debugsource
Purl
pkg:rpm/redhat/cockpit-debugsource

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:344-2.el9_7

Database specific

source 
"https://security.access.redhat.com/data/osv/RHSA-2026:7384.json"
cockpit-doc

Package

Name
cockpit-doc
Purl
pkg:rpm/redhat/cockpit-doc

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:344-2.el9_7

Database specific

source 
"https://security.access.redhat.com/data/osv/RHSA-2026:7384.json"
cockpit-packagekit

Package

Name
cockpit-packagekit
Purl
pkg:rpm/redhat/cockpit-packagekit

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:344-2.el9_7

Database specific

source 
"https://security.access.redhat.com/data/osv/RHSA-2026:7384.json"
cockpit-storaged

Package

Name
cockpit-storaged
Purl
pkg:rpm/redhat/cockpit-storaged

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:344-2.el9_7

Database specific

source 
"https://security.access.redhat.com/data/osv/RHSA-2026:7384.json"
cockpit-system

Package

Name
cockpit-system
Purl
pkg:rpm/redhat/cockpit-system

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:344-2.el9_7

Database specific

source 
"https://security.access.redhat.com/data/osv/RHSA-2026:7384.json"
cockpit-ws

Package

Name
cockpit-ws
Purl
pkg:rpm/redhat/cockpit-ws

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:344-2.el9_7

Database specific

source 
"https://security.access.redhat.com/data/osv/RHSA-2026:7384.json"
cockpit-ws-selinux

Package

Name
cockpit-ws-selinux
Purl
pkg:rpm/redhat/cockpit-ws-selinux

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:344-2.el9_7

Database specific

source 
"https://security.access.redhat.com/data/osv/RHSA-2026:7384.json"