Filtered by vendor Redhat
Subscriptions
Filtered by product Satellite Capsule
Subscriptions
Total
266 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2016-3112 | 2 Pulpproject, Redhat | 3 Pulp, Satellite, Satellite Capsule | 2024-08-05 | N/A |
client/consumer/cli.py in Pulp before 2.8.3 writes consumer private keys to etc/pki/pulp/consumer/consumer-cert.pem as world-readable, which allows remote authenticated users to obtain the consumer private keys and escalate privileges by reading /etc/pki/pulp/consumer/consumer-cert, and authenticating as a consumer user. | ||||
CVE-2016-3111 | 2 Pulpproject, Redhat | 3 Pulp, Satellite, Satellite Capsule | 2024-08-05 | N/A |
pulp.spec in the installation process for Pulp 2.8.3 generates the RSA key pairs used to validate messages between the pulp server and pulp consumers in a directory that is world-readable before later modifying the permissions, which might allow local users to read the generated RSA keys via reading the key files while the installation process is running. | ||||
CVE-2016-3108 | 2 Pulpproject, Redhat | 3 Pulp, Satellite, Satellite Capsule | 2024-08-05 | N/A |
The pulp-gen-nodes-certificate script in Pulp before 2.8.3 allows local users to leak the keys or write to arbitrary files via a symlink attack. | ||||
CVE-2016-3107 | 2 Pulpproject, Redhat | 3 Pulp, Satellite, Satellite Capsule | 2024-08-05 | N/A |
The Node certificate in Pulp before 2.8.3 contains the private key, and is stored in a world-readable file in the "/etc/pki/pulp/nodes/" directory, which allows local users to gain access to sensitive data. | ||||
CVE-2016-2166 | 3 Apache, Fedoraproject, Redhat | 4 Qpid Proton, Fedora, Satellite and 1 more | 2024-08-05 | N/A |
The (1) proton.reactor.Connector, (2) proton.reactor.Container, and (3) proton.utils.BlockingConnection classes in Apache Qpid Proton before 0.12.1 improperly use an unencrypted connection for an amqps URI scheme when SSL support is unavailable, which might allow man-in-the-middle attackers to obtain sensitive information or modify data via unspecified vectors. | ||||
CVE-2016-2100 | 2 Redhat, Theforeman | 3 Satellite, Satellite Capsule, Foreman | 2024-08-05 | N/A |
Foreman before 1.10.3 and 1.11.0 before 1.11.0-RC2 allow remote authenticated users to read, modify, or delete private bookmarks by leveraging the (1) edit_bookmarks or (2) destroy_bookmarks permission. | ||||
CVE-2016-1669 | 6 Canonical, Debian, Google and 3 more | 11 Ubuntu Linux, Debian Linux, Chrome and 8 more | 2024-08-05 | 8.8 High |
The Zone::New function in zone.cc in Google V8 before 5.0.71.47, as used in Google Chrome before 50.0.2661.102, does not properly determine when to expand certain memory allocations, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via crafted JavaScript code. | ||||
CVE-2017-17718 | 2 Net-ldap Project, Redhat | 3 Net-ldap, Satellite, Satellite Capsule | 2024-08-05 | N/A |
The Net::LDAP (aka net-ldap) gem before 0.16.0 for Ruby has Missing SSL Certificate Validation. | ||||
CVE-2017-15100 | 2 Redhat, Theforeman | 3 Satellite, Satellite Capsule, Foreman | 2024-08-05 | 6.1 Medium |
An attacker submitting facts to the Foreman server containing HTML can cause a stored XSS on certain pages: (1) Facts page, when clicking on the "chart" button and hovering over the chart; (2) Trends page, when checking the graph for a trend based on a such fact; (3) Statistics page, for facts that are aggregated on this page. | ||||
CVE-2017-12175 | 1 Redhat | 2 Satellite, Satellite Capsule | 2024-08-05 | N/A |
Red Hat Satellite before 6.5 is vulnerable to a XSS in discovery rule when you are entering filter and you use autocomplete functionality. | ||||
CVE-2017-7233 | 2 Djangoproject, Redhat | 4 Django, Openstack, Satellite and 1 more | 2024-08-05 | N/A |
Django 1.10 before 1.10.7, 1.9 before 1.9.13, and 1.8 before 1.8.18 relies on user input in some cases to redirect the user to an "on success" URL. The security check for these redirects (namely ``django.utils.http.is_safe_url()``) considered some numeric URLs "safe" when they shouldn't be, aka an open redirect vulnerability. Also, if a developer relies on ``is_safe_url()`` to provide safe redirect targets and puts such a URL into a link, they could suffer from an XSS attack. | ||||
CVE-2017-5929 | 2 Qos, Redhat | 7 Logback, Jboss Amq, Jboss Bpms and 4 more | 2024-08-05 | 9.8 Critical |
QOS.ch Logback before 1.2.0 has a serialization vulnerability affecting the SocketServer and ServerSocketReceiver components. | ||||
CVE-2017-2667 | 2 Redhat, Theforeman | 3 Satellite, Satellite Capsule, Hammer Cli | 2024-08-05 | 8.1 High |
Hammer CLI, a CLI utility for Foreman, before version 0.10.0, did not explicitly set the verify_ssl flag for apipie-bindings that disable it by default. As a result the server certificates are not checked and connections are prone to man-in-the-middle attacks. | ||||
CVE-2017-2672 | 2 Redhat, Theforeman | 3 Satellite, Satellite Capsule, Foreman | 2024-08-05 | N/A |
A flaw was found in foreman before version 1.15 in the logging of adding and registering images. An attacker with access to the foreman log file would be able to view passwords for provisioned systems in the log file, allowing them to access those systems. | ||||
CVE-2017-2662 | 2 Redhat, Theforeman | 3 Satellite, Satellite Capsule, Katello | 2024-08-05 | N/A |
A flaw was found in Foreman's katello plugin version 3.4.5. After setting a new role to allow restricted access on a repository with a filter (filter set on the Product Name), the filter is not respected when the actions are done via hammer using the repository id. | ||||
CVE-2018-1000632 | 5 Debian, Dom4j Project, Netapp and 2 more | 17 Debian Linux, Dom4j, Oncommand Workflow Automation and 14 more | 2024-08-05 | 7.5 High |
dom4j version prior to version 2.1.1 contains a CWE-91: XML Injection vulnerability in Class: Element. Methods: addElement, addAttribute that can result in an attacker tampering with XML documents through XML injection. This attack appear to be exploitable via an attacker specifying attributes or elements in the XML document. This vulnerability appears to have been fixed in 2.1.1 or later. | ||||
CVE-2018-1000119 | 2 Redhat, Sinatrarb | 4 Enterprise Linux, Satellite, Satellite Capsule and 1 more | 2024-08-05 | N/A |
Sinatra rack-protection versions 1.5.4 and 2.0.0.rc3 and earlier contains a timing attack vulnerability in the CSRF token checking that can result in signatures can be exposed. This attack appear to be exploitable via network connectivity to the ruby application. This vulnerability appears to have been fixed in 1.5.5 and 2.0.0. | ||||
CVE-2018-16887 | 2 Redhat, Theforeman | 3 Satellite, Satellite Capsule, Katello | 2024-08-05 | N/A |
A cross-site scripting (XSS) flaw was found in the katello component of Satellite. An attacker with privilege to create/edit organizations and locations is able to execute a XSS attacks against other users through the Subscriptions or the Red Hat Repositories wizards. This can possibly lead to malicious code execution and extraction of the anti-CSRF token of higher privileged users. Versions before 3.9.0 are vulnerable. | ||||
CVE-2018-16861 | 2 Redhat, Theforeman | 3 Satellite, Satellite Capsule, Foreman | 2024-08-05 | N/A |
A cross-site scripting (XSS) flaw was found in the foreman component of satellite. An attacker with privilege to create entries using the Hosts, Monitor, Infrastructure, or Administer Menus is able to execute a XSS attacks against other users, possibly leading to malicious code execution and extraction of the anti-CSRF token of higher privileged users. Foreman before 1.18.3, 1.19.1, and 1.20.0 are vulnerable. | ||||
CVE-2018-16470 | 2 Rack Project, Redhat | 3 Rack, Satellite, Satellite Capsule | 2024-08-05 | N/A |
There is a possible DoS vulnerability in the multipart parser in Rack before 2.0.6. Specially crafted requests can cause the multipart parser to enter a pathological state, causing the parser to use CPU resources disproportionate to the request size. |