supervisord CVE Vulnerabilities & CVE List (2)

Products (CPE): — CVEs: 2

supervisord vulnerability overview

This page aggregates publicly disclosed CVE and security risk information related to supervisord, with CVSS, EPSS, publication dates, and vulnerability intelligence data to help assess potential risk and remediation priority.

Vulnerability distribution trend (last 24 months)

Showing 12 of 2 CVEs
«« First « Prev Page 1 / 1 Next »
CVE Summary Source Max CVSS EPSS % Published Updated
CVE-2019-12105 In Supervisor through 4.0.2, an unauthenticated user can read log files or restart a service. Note: The maintainer responded that the affected component, inet_http_server, is not enabled by default but if the user enables it and does not set a password, Supervisor logs a warning message. The maintainer indicated the ability to run an open server will not be removed but an additional warning was added to the documentation [email protected] 8.2 2.28% 2019-09-10 2026-06-16
CVE-2017-11610 The XML-RPC server in supervisor before 3.0.1, 3.1.x before 3.1.4, 3.2.x before 3.2.4, and 3.3.x before 3.3.3 allows remote authenticated users to execute arbitrary commands via a crafted XML-RPC request, related to nested supervisord namespace lookups. [email protected] 8.8 87.54% 2017-08-23 2026-06-16
«« First « Prev Page 1 / 1 Next »
cvelogic Threat Intelligence