CVE-2023-49091

Cosmos provides users the ability self-host a home server by acting as a secure gateway to your application, as well as a server manager. Cosmos-server is vulnerable due to to the authorization header used for user login remaining valid and not expiring after log out. This vulnerability allows an attacker to use the token to gain unauthorized access to the application/system even after the user has logged out. This issue has been patched in version 0.13.0.

CVSS v3 9.8 CRITICAL

9.8^/10

CVSS v3 : CRITICAL

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://github.com/azukaar/Cosmos-Server/security/advisories/GHSA-hpvm-x7m8-3c6x	Exploit Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:cosmos-cloud:cosmos_server:0.1.15:::::::*
	cpe:2.3:a:cosmos-cloud:cosmos_server:0.1.16:::::::*
	cpe:2.3:a:cosmos-cloud:cosmos_server:0.1.17:::::::*
	cpe:2.3:a:cosmos-cloud:cosmos_server:0.2.0:::::::*
	cpe:2.3:a:cosmos-cloud:cosmos_server:0.3.0:-::::::
	cpe:2.3:a:cosmos-cloud:cosmos_server:0.3.1:::::::*
	cpe:2.3:a:cosmos-cloud:cosmos_server:0.3.2:::::::*
	cpe:2.3:a:cosmos-cloud:cosmos_server:0.3.3:::::::*
	cpe:2.3:a:cosmos-cloud:cosmos_server:0.3.4:::::::*
	cpe:2.3:a:cosmos-cloud:cosmos_server:0.3.5:::::::*
	cpe:2.3:a:cosmos-cloud:cosmos_server:0.4.0:-::::::
	cpe:2.3:a:cosmos-cloud:cosmos_server:0.4.1:::::::*
	cpe:2.3:a:cosmos-cloud:cosmos_server:0.4.2:::::::*
	cpe:2.3:a:cosmos-cloud:cosmos_server:0.4.3:::::::*
	cpe:2.3:a:cosmos-cloud:cosmos_server:0.5.0:-::::::
	cpe:2.3:a:cosmos-cloud:cosmos_server:0.5.1:::::::*
	cpe:2.3:a:cosmos-cloud:cosmos_server:0.5.2:::::::*
	cpe:2.3:a:cosmos-cloud:cosmos_server:0.5.3:::::::*
	cpe:2.3:a:cosmos-cloud:cosmos_server:0.5.4:::::::*
	cpe:2.3:a:cosmos-cloud:cosmos_server:0.5.5:::::::*
	cpe:2.3:a:cosmos-cloud:cosmos_server:0.5.6:::::::*
	cpe:2.3:a:cosmos-cloud:cosmos_server:0.5.7:-::::::
	cpe:2.3:a:cosmos-cloud:cosmos_server:0.5.8:::::::*
	cpe:2.3:a:cosmos-cloud:cosmos_server:0.5.9:::::::*
	cpe:2.3:a:cosmos-cloud:cosmos_server:0.5.12:::::::*
	cpe:2.3:a:cosmos-cloud:cosmos_server:0.6.0:-::::::
	cpe:2.3:a:cosmos-cloud:cosmos_server:0.6.1:::::::*
	cpe:2.3:a:cosmos-cloud:cosmos_server:0.6.2:::::::*
	cpe:2.3:a:cosmos-cloud:cosmos_server:0.6.3:::::::*
	cpe:2.3:a:cosmos-cloud:cosmos_server:0.6.4:-::::::
	cpe:2.3:a:cosmos-cloud:cosmos_server:0.7.0:-::::::
	cpe:2.3:a:cosmos-cloud:cosmos_server:0.7.1:::::::*
	cpe:2.3:a:cosmos-cloud:cosmos_server:0.7.2:::::::*
	cpe:2.3:a:cosmos-cloud:cosmos_server:0.7.3:::::::*
	cpe:2.3:a:cosmos-cloud:cosmos_server:0.7.4:::::::*
	cpe:2.3:a:cosmos-cloud:cosmos_server:0.7.5:::::::*
	cpe:2.3:a:cosmos-cloud:cosmos_server:0.7.6:::::::*
	cpe:2.3:a:cosmos-cloud:cosmos_server:0.7.7:::::::*
	cpe:2.3:a:cosmos-cloud:cosmos_server:0.7.8:::::::*
	cpe:2.3:a:cosmos-cloud:cosmos_server:0.7.9:::::::*
	cpe:2.3:a:cosmos-cloud:cosmos_server:0.7.10:::::::*
	cpe:2.3:a:cosmos-cloud:cosmos_server:0.8.0:-::::::
	cpe:2.3:a:cosmos-cloud:cosmos_server:0.8.1:::::::*
	cpe:2.3:a:cosmos-cloud:cosmos_server:0.8.2:::::::*
	cpe:2.3:a:cosmos-cloud:cosmos_server:0.8.3:::::::*
	cpe:2.3:a:cosmos-cloud:cosmos_server:0.8.4:::::::*
	cpe:2.3:a:cosmos-cloud:cosmos_server:0.8.5:::::::*
	cpe:2.3:a:cosmos-cloud:cosmos_server:0.8.6:::::::*
	cpe:2.3:a:cosmos-cloud:cosmos_server:0.8.7:::::::*
	cpe:2.3:a:cosmos-cloud:cosmos_server:0.8.8:::::::*
	cpe:2.3:a:cosmos-cloud:cosmos_server:0.8.9:::::::*
	cpe:2.3:a:cosmos-cloud:cosmos_server:0.8.10:::::::*
	cpe:2.3:a:cosmos-cloud:cosmos_server:0.8.11:::::::*
	cpe:2.3:a:cosmos-cloud:cosmos_server:0.9.0:-::::::
	cpe:2.3:a:cosmos-cloud:cosmos_server:0.9.1:::::::*
	cpe:2.3:a:cosmos-cloud:cosmos_server:0.9.2:::::::*
	cpe:2.3:a:cosmos-cloud:cosmos_server:0.9.3:::::::*
	cpe:2.3:a:cosmos-cloud:cosmos_server:0.9.4:::::::*
	cpe:2.3:a:cosmos-cloud:cosmos_server:0.9.5:::::::*
	cpe:2.3:a:cosmos-cloud:cosmos_server:0.9.6:::::::*
	cpe:2.3:a:cosmos-cloud:cosmos_server:0.9.7:::::::*
	cpe:2.3:a:cosmos-cloud:cosmos_server:0.9.8:::::::*
	cpe:2.3:a:cosmos-cloud:cosmos_server:0.9.9:::::::*
	cpe:2.3:a:cosmos-cloud:cosmos_server:0.9.10:::::::*
cpe:2.3:a:cosmos-cloud:cosmos_server:0.9.11:::::::*
cpe:2.3:a:cosmos-cloud:cosmos_server:0.9.12:::::::*
cpe:2.3:a:cosmos-cloud:cosmos_server:0.9.13:::::::*
cpe:2.3:a:cosmos-cloud:cosmos_server:0.9.14:::::::*
cpe:2.3:a:cosmos-cloud:cosmos_server:0.9.15:::::::*
cpe:2.3:a:cosmos-cloud:cosmos_server:0.9.16:::::::*
cpe:2.3:a:cosmos-cloud:cosmos_server:0.9.17:::::::*
cpe:2.3:a:cosmos-cloud:cosmos_server:0.9.18:::::::*
cpe:2.3:a:cosmos-cloud:cosmos_server:0.9.19:-::::::
cpe:2.3:a:cosmos-cloud:cosmos_server:0.9.20:::::::*
cpe:2.3:a:cosmos-cloud:cosmos_server:0.9.21:::::::*
cpe:2.3:a:cosmos-cloud:cosmos_server:0.10.0:-::::::
cpe:2.3:a:cosmos-cloud:cosmos_server:0.10.1:-::::::
cpe:2.3:a:cosmos-cloud:cosmos_server:0.10.2:::::::*
cpe:2.3:a:cosmos-cloud:cosmos_server:0.10.3:::::::*
cpe:2.3:a:cosmos-cloud:cosmos_server:0.10.4:-::::::
cpe:2.3:a:cosmos-cloud:cosmos_server:0.11.0:-::::::
cpe:2.3:a:cosmos-cloud:cosmos_server:0.11.1:::::::*
cpe:2.3:a:cosmos-cloud:cosmos_server:0.11.2:::::::*
cpe:2.3:a:cosmos-cloud:cosmos_server:0.11.3:::::::*
cpe:2.3:a:cosmos-cloud:cosmos_server:0.12.0:-::::::
cpe:2.3:a:cosmos-cloud:cosmos_server:0.12.1:::::::*
cpe:2.3:a:cosmos-cloud:cosmos_server:0.12.2:::::::*
cpe:2.3:a:cosmos-cloud:cosmos_server:0.12.3:::::::*
cpe:2.3:a:cosmos-cloud:cosmos_server:0.12.4:::::::*
cpe:2.3:a:cosmos-cloud:cosmos_server:0.12.5:::::::*
cpe:2.3:a:cosmos-cloud:cosmos_server:0.12.6:-::::::

History

No history.

Information

Published : 2023-11-29 20:15

Updated : 2023-12-08 15:12

NVD link : CVE-2023-49091

Mitre link : CVE-2023-49091

CVE.ORG link : CVE-2023-49091

JSON object : View

Products Affected

cosmos-cloud

cosmos_server

CWE

CWE-613

Insufficient Session Expiration

{"id": "CVE-2023-49091", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}, {"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}]}, "published": "2023-11-29T20:15:08.390", "references": [{"url": "https://github.com/azukaar/Cosmos-Server/security/advisories/GHSA-hpvm-x7m8-3c6x", "tags": ["Exploit", "Vendor Advisory"], "source": "security-advisories@github.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-613"}]}], "descriptions": [{"lang": "en", "value": "Cosmos provides users the ability self-host a home server by acting as a secure gateway to your application, as well as a server manager. Cosmos-server is vulnerable due to to the authorization header used for user login remaining valid and not expiring after log out. This vulnerability allows an attacker to use the token to gain unauthorized access to the application/system even after the user has logged out. This issue has been patched in version 0.13.0."}, {"lang": "es", "value": "Cosmos ofrece a los usuarios la posibilidad de autohospedar un servidor dom\u00e9stico actuando como una puerta de enlace segura a su aplicaci\u00f3n, as\u00ed como un administrador de servidor. Cosmos-server es vulnerable debido a que el encabezado de autorizaci\u00f3n utilizado para el inicio de sesi\u00f3n del usuario sigue siendo v\u00e1lido y no caduca despu\u00e9s del cierre de sesi\u00f3n. Esta vulnerabilidad permite a un atacante utilizar el token para obtener acceso no autorizado a la aplicaci\u00f3n/sistema incluso despu\u00e9s de que el usuario haya cerrado sesi\u00f3n. Este problema se solucion\u00f3 en la versi\u00f3n 0.13.0."}], "lastModified": "2023-12-08T15:12:23.173", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.1.15:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D0F9DD63-E895-471D-A103-89DC8CE4487F"}, {"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.1.16:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "245BC303-196B-427E-9206-23FF97C1D028"}, {"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.1.17:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AC80B4CA-DCF5-406B-8CBC-7D8B10C07D75"}, {"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FFA40431-2EA9-4814-97BD-9B98FD12565A"}, {"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.3.0:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "48F9560F-E849-40BF-87E4-3EE76E2307B3"}, {"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "20001A99-A282-4201-9B35-2642AFBBEDF5"}, {"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.3.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3FBF8D50-7369-4D65-B75A-A79B8313B5EA"}, {"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.3.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E4DDF3EC-9AB2-4D07-AEF7-3B6F86CFEE33"}, {"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.3.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "11F11DBC-37C2-4C5C-A42B-FA79A79A522C"}, {"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.3.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F95649EE-5546-4C63-A325-7D1E7A8F1199"}, {"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.4.0:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "704FEFD9-1E74-4381-A632-C0CE0C39A1B3"}, {"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.4.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "72A4403B-0395-4D94-81BE-D0B7A7208A91"}, {"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.4.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DBB50B8C-0B6A-4B35-866B-289E09D45EBE"}, {"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.4.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9FEDF35D-62E1-4F55-8176-582BC12DCDEC"}, {"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.5.0:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "59DA9642-F316-47B6-BEF4-B40A3A87B3B8"}, {"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.5.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0BF3BB20-23D2-47EF-AEC3-624C00B3E279"}, {"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.5.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A6C0489A-C381-4EAC-B2A9-BF2B52F7AB9E"}, {"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.5.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7682B327-5A0A-4AA8-AA6C-135938853D73"}, {"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.5.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1D82733E-1C1E-43ED-BB52-C4F4355BAA2E"}, {"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.5.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DF6CA450-B6F6-4194-ABCC-6D1B70A0BD7C"}, {"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.5.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "90DCCFD5-AA8C-4044-BF7C-9BE2CFA36D6F"}, {"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.5.7:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0E302BF1-076C-4EF1-B578-9BEACBDB8563"}, {"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.5.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D5DB6050-C175-4AB5-B3CC-924D02B5C70E"}, {"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.5.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EDB59393-C90C-4913-9A7A-CAD64014C5DF"}, {"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.5.12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F1C4A549-39AA-4221-8104-53317A7B57ED"}, {"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.6.0:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "007BA5D8-DD27-4C7D-8AEE-92E420444648"}, {"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.6.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4E02C3A4-771F-4D2E-9246-ABA061F14BA8"}, {"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.6.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9147CCB4-99BA-46C9-B4C1-9BFC78961063"}, {"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.6.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CD0C8166-6388-47ED-9D63-28928973FB5E"}, {"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.6.4:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6EB22B0B-EC99-411D-B7C1-C5DAB6A96107"}, {"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.7.0:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "46D88BBD-968E-416D-9ED9-5087CC378D01"}, {"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.7.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "33E78715-9E76-4E8C-8F27-E2ECD2C6969F"}, {"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.7.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DB71C771-A2C0-4D6A-83DE-17A0031276CC"}, {"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.7.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8864B3A3-81D4-476C-9D43-763E6C501C01"}, {"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.7.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "362FDFC1-2F71-4B1D-AD5D-BEAB04150FC2"}, {"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.7.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A243056D-2F2D-4A84-B02C-F21384D2CBBC"}, {"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.7.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D95B7F37-69F9-47BD-81EE-01F85AA08265"}, {"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.7.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "70AE035A-FEEB-4DCF-843B-273E1596777E"}, {"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.7.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "60D429D5-8241-4431-8CDA-7B25D9F971F9"}, {"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.7.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "20CB8797-381A-42DB-A268-600865E514FF"}, {"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.7.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6EA361BE-1F6B-4F44-A5E8-8C1E08999BDD"}, {"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.8.0:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A08386B6-3863-4861-A811-36269648290B"}, {"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.8.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "514D19FA-EFC1-493A-82F8-E1643B6E37D2"}, {"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.8.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A6547760-893A-4316-9B26-34FADD4BF455"}, {"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.8.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5665A44D-8EE6-4BD3-BEC0-1316C0409CA1"}, {"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.8.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "92D61C74-73FD-4F74-B817-6FA5B1903E84"}, {"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.8.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2B8ED8F3-344C-4AAE-843C-75FFF052F8D6"}, {"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.8.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E8EF95DE-656C-41F1-B169-20DED5234965"}, {"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.8.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "30B30A3D-941F-4604-9703-D96E2689B431"}, {"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.8.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BE7A76DF-1758-4B6F-B9B8-1D617D79A6D4"}, {"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.8.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "286CF897-8C22-4BF6-B816-1E7B400FBC4B"}, {"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.8.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7402E48F-188B-469E-AFF4-F5F5E8D4D305"}, {"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.8.11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E6029988-F826-45FE-8303-98DFB69ADD18"}, {"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.9.0:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "56E2EFC3-9B64-4656-803C-3484981A57B4"}, {"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.9.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "71DB2F36-103D-4A5C-A0D8-22E0B20E8BDB"}, {"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.9.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "32EB3543-3E12-4CD6-B8E1-091C2BC06B4F"}, {"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.9.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D06967B6-E215-422B-BC4B-8E63C56FB958"}, {"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.9.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F9267FEE-CE5B-4ADB-9CD6-55698C2E6D11"}, {"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.9.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E8CD0C5F-4EB0-477D-A672-BFCD56734C70"}, {"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.9.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7960B3D0-01B0-480B-9B12-B4D5ACEBC526"}, {"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.9.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "29536415-FEBA-470B-BBF0-B76D1148585C"}, {"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.9.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "10E5D948-87FF-4789-B294-817294B85FD3"}, {"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.9.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "35D87312-7595-4E02-B33D-190A99E2F34B"}, {"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.9.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ED4790DA-50A7-4E87-8780-79DE2818936D"}, {"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.9.11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B4FB9A84-A927-406C-AEE3-E6884F91B488"}, {"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.9.12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C1B8B916-894A-4555-B85E-971543039C5A"}, {"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.9.13:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C0A6A70E-9992-4042-B3EF-F82CCE17F1E2"}, {"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.9.14:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7F66ED38-32AC-4E7A-8506-625A53428E61"}, {"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.9.15:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C0E702BA-98F3-402A-B4B4-EDB862455922"}, {"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.9.16:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C9E95C76-F625-4C35-B4F6-C9C0625FD151"}, {"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.9.17:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CDB8E645-65C2-47D8-9FA6-78E5AFDB91EB"}, {"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.9.18:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A5286DEA-ECE0-4E40-96FE-11144B317EDD"}, {"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.9.19:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F663B778-D1F3-4551-9812-61BF45A77279"}, {"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.9.20:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FB0335D9-8789-48B5-A0FE-40A30993F535"}, {"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.9.21:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "65390F75-4D2A-4A3A-97BC-16C2A7F08BDE"}, {"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.10.0:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "88616AE6-0E5E-48CC-827D-CBC09BB4D352"}, {"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.10.1:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0543F1CA-D9A6-478E-B9B3-804C6A8DB2C6"}, {"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.10.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9639CAE7-FE63-4286-BE8C-E82E734F1B78"}, {"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.10.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9958CCA3-7B3C-4CB5-9188-32C73C08735F"}, {"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.10.4:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "14F79A15-D8C0-4041-AB5C-7B640011391A"}, {"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.11.0:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "07DE8CDF-8D02-4744-806C-BFC18333ECE3"}, {"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.11.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B6F247DF-C078-4CCA-9352-54F36DC5A4BA"}, {"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.11.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "43350B4E-7D95-4963-ABF4-237E9E63A841"}, {"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.11.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6F4E655A-4175-4953-AD19-F1F9BE1ABF62"}, {"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.12.0:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8E8CD9C8-8F1E-428D-B7D4-BC822553F92D"}, {"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.12.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "67696CA2-739B-40A3-9DD5-95A7BFA1448F"}, {"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.12.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "70B8832F-7202-45C8-A7B2-30D3F2D57D41"}, {"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.12.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5C81041A-1D6C-413A-8886-6F1308CA0E37"}, {"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.12.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5678EC30-3F90-4911-B5E8-E01751BE13F3"}, {"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.12.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "87AB67FA-11E4-4807-B62F-2AD3BA31AC45"}, {"criteria": "cpe:2.3:a:cosmos-cloud:cosmos_server:0.12.6:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DF30F289-0826-45C9-BDE4-6B78299E6536"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}

9.8 /10