Filter
-Infinity
0
KatelloKatello: potential cross-site scripting exploit in ui
4.8
EPSS
0.04%
First published (updated )
GunicornAn authentication bypass vulnerability exists in Foreman due to Pulpcore when deployed with Gunicorn…
First published (updated )
CVE-2024-7012, CVE-2024-7923: Authentication bypass in Foman & Pulpco
First published (updated )
Katellomodules/certs/manifests/config.pp in katello-configure before 1.3.3.pulpv2 in Katello uses weak perm…
2.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
KatelloKatello allows remote authenticated users to call the "system remove_deletion" CLI command via vecto…
4.3
First published (updated )
KatelloKatello allows remote attackers to cause a denial of service (memory consumption) via the (1) mode p…
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Red Hat SatelliteA flaw was found in katello-debug before 3.4.0 where certain scripts and log files used insecure tem…
7.3
First published (updated )
redhat/foremanA flaw was found in Foreman's katello plugin version 3.4.5. After setting a new role to allow restri…
4.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
redhat/ansiblerole-insights-clientA cleartext password storage issue was discovered in Katello. Registry credentials used during cont…
4.1
First published (updated )
rubygems/katelloThe installation script in Katello 1.0 and earlier does not properly generate the Application.config…
9.8
First published (updated )
KatelloJan Rusnacko of Red Hat reports: Katello code exposes potential to_sym Denial of Service attack vec…
1
First published (updated )
KatelloAaron Weitekamp (aweiteka) reports: Description of problem: /etc/katello/secure/passphrase is world…
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
KatelloRegistry credentials are captured in plain text in dynflow task during repository discovery. Upstre…
1
First published (updated )
KatelloKatello has a Denial of Service vulnerability in API OAuth authentication
7.5
First published (updated )