Filtered by vendor Redhat
Subscriptions
Filtered by product Satellite Capsule
Subscriptions
Total
280 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2021-43818 | 6 Debian, Fedoraproject, Lxml and 3 more | 16 Debian Linux, Fedora, Lxml and 13 more | 2024-11-21 | 8.2 High |
lxml is a library for processing XML and HTML in the Python language. Prior to version 4.6.5, the HTML Cleaner in lxml.html lets certain crafted script content pass through, as well as script content in SVG files embedded using data URIs. Users that employ the HTML cleaner in a security relevant context should upgrade to lxml 4.6.5 to receive a patch. There are no known workarounds available. | ||||
CVE-2021-3584 | 2 Redhat, Theforeman | 3 Satellite, Satellite Capsule, Foreman | 2024-11-21 | 7.2 High |
A server side remote code execution vulnerability was found in Foreman project. A authenticated attacker could use Sendmail configuration options to overwrite the defaults and perform command injection. The highest threat from this vulnerability is to confidentiality, integrity and availability of system. Fixed releases are 2.4.1, 2.5.1, 3.0.0. | ||||
CVE-2021-3494 | 2 Redhat, Theforeman | 3 Satellite, Satellite Capsule, Foreman | 2024-11-21 | 5.9 Medium |
A smart proxy that provides a restful API to various sub-systems of the Foreman is affected by the flaw which can cause a Man-in-the-Middle attack. The FreeIPA module of Foreman smart proxy does not check the SSL certificate, thus, an unauthenticated attacker can perform actions in FreeIPA if certain conditions are met. The highest threat from this flaw is to system confidentiality. This flaw affects Foreman versions before 2.5.0. | ||||
CVE-2021-3413 | 2 Redhat, Theforeman | 3 Satellite, Satellite Capsule, Foreman Azurerm | 2024-11-21 | 6.3 Medium |
A flaw was found in Red Hat Satellite in tfm-rubygem-foreman_azure_rm in versions before 2.2.0. A credential leak was identified which will expose Azure Resource Manager's secret key through JSON of the API output. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | ||||
CVE-2021-3200 | 3 Opensuse, Oracle, Redhat | 5 Libsolv, Communications Cloud Native Core Policy, Enterprise Linux and 2 more | 2024-11-21 | 3.3 Low |
Buffer overflow vulnerability in libsolv 2020-12-13 via the Solver * testcase_read(Pool *pool, FILE *fp, const char *testcase, Queue *job, char **resultp, int *resultflagsp function at src/testcase.c: line 2334, which could cause a denial of service | ||||
CVE-2021-33938 | 2 Opensuse, Redhat | 4 Libsolv, Enterprise Linux, Satellite and 1 more | 2024-11-21 | 7.5 High |
Buffer overflow vulnerability in function prune_to_recommended in src/policy.c in libsolv before 0.7.17 allows attackers to cause a Denial of Service. | ||||
CVE-2021-33930 | 2 Opensuse, Redhat | 4 Libsolv, Enterprise Linux, Satellite and 1 more | 2024-11-21 | 7.5 High |
Buffer overflow vulnerability in function pool_installable_whatprovides in src/repo.h in libsolv before 0.7.17 allows attackers to cause a Denial of Service. | ||||
CVE-2021-33929 | 2 Opensuse, Redhat | 4 Libsolv, Enterprise Linux, Satellite and 1 more | 2024-11-21 | 7.5 High |
Buffer overflow vulnerability in function pool_disabled_solvable in src/repo.h in libsolv before 0.7.17 allows attackers to cause a Denial of Service. | ||||
CVE-2021-33928 | 2 Opensuse, Redhat | 4 Libsolv, Enterprise Linux, Satellite and 1 more | 2024-11-21 | 7.5 High |
Buffer overflow vulnerability in function pool_installable in src/repo.h in libsolv before 0.7.17 allows attackers to cause a Denial of Service. | ||||
CVE-2021-33571 | 3 Djangoproject, Fedoraproject, Redhat | 5 Django, Fedora, Openstack and 2 more | 2024-11-21 | 7.5 High |
In Django 2.2 before 2.2.24, 3.x before 3.1.12, and 3.2 before 3.2.4, URLValidator, validate_ipv4_address, and validate_ipv46_address do not prohibit leading zero characters in octal literals. This may allow a bypass of access control that is based on IP addresses. (validate_ipv4_address and validate_ipv46_address are unaffected with Python 3.9.5+..) . | ||||
CVE-2021-33503 | 4 Fedoraproject, Oracle, Python and 1 more | 10 Fedora, Enterprise Manager Ops Center, Instantis Enterprisetrack and 7 more | 2024-11-21 | 7.5 High |
An issue was discovered in urllib3 before 1.26.5. When provided with a URL containing many @ characters in the authority component, the authority regular expression exhibits catastrophic backtracking, causing a denial of service if a URL were passed as a parameter or redirected to via an HTTP redirect. | ||||
CVE-2021-33203 | 3 Djangoproject, Fedoraproject, Redhat | 5 Django, Fedora, Openstack and 2 more | 2024-11-21 | 4.9 Medium |
Django before 2.2.24, 3.x before 3.1.12, and 3.2.x before 3.2.4 has a potential directory traversal via django.contrib.admindocs. Staff members could use the TemplateDetailView view to check the existence of arbitrary files. Additionally, if (and only if) the default admindocs templates have been customized by application developers to also show file contents, then not only the existence but also the file contents would have been exposed. In other words, there is directory traversal outside of the template root directories. | ||||
CVE-2021-32839 | 2 Redhat, Sqlparse Project | 3 Satellite, Satellite Capsule, Sqlparse | 2024-11-21 | 7.5 High |
sqlparse is a non-validating SQL parser module for Python. In sqlparse versions 0.4.0 and 0.4.1 there is a regular Expression Denial of Service in sqlparse vulnerability. The regular expression may cause exponential backtracking on strings containing many repetitions of '\r\n' in SQL comments. Only the formatting feature that removes comments from SQL statements is affected by this regular expression. As a workaround don't use the sqlformat.format function with keyword strip_comments=True or the --strip-comments command line flag when using the sqlformat command line tool. The issues has been fixed in sqlparse 0.4.2. | ||||
CVE-2021-31542 | 4 Debian, Djangoproject, Fedoraproject and 1 more | 6 Debian Linux, Django, Fedora and 3 more | 2024-11-21 | 7.5 High |
In Django 2.2 before 2.2.21, 3.1 before 3.1.9, and 3.2 before 3.2.1, MultiPartParser, UploadedFile, and FieldFile allowed directory traversal via uploaded files with suitably crafted file names. | ||||
CVE-2021-28658 | 4 Debian, Djangoproject, Fedoraproject and 1 more | 6 Debian Linux, Django, Fedora and 3 more | 2024-11-21 | 5.3 Medium |
In Django 2.2 before 2.2.20, 3.0 before 3.0.14, and 3.1 before 3.1.8, MultiPartParser allowed directory traversal via uploaded files with suitably crafted file names. Built-in upload handlers were not affected by this vulnerability. | ||||
CVE-2021-27025 | 3 Fedoraproject, Puppet, Redhat | 8 Fedora, Puppet, Puppet Agent and 5 more | 2024-11-21 | 6.5 Medium |
A flaw was discovered in Puppet Agent where the agent may silently ignore Augeas settings or may be vulnerable to a Denial of Service condition prior to the first 'pluginsync'. | ||||
CVE-2021-27023 | 3 Fedoraproject, Puppet, Redhat | 7 Fedora, Puppet Agent, Puppet Enterprise and 4 more | 2024-11-21 | 9.8 Critical |
A flaw was discovered in Puppet Agent and Puppet Server that may result in a leak of HTTP credentials when following HTTP redirects to a different host. This is similar to CVE-2018-1000007 | ||||
CVE-2021-21330 | 4 Aiohttp, Debian, Fedoraproject and 1 more | 5 Aiohttp, Debian Linux, Fedora and 2 more | 2024-11-21 | 3.1 Low |
aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. In aiohttp before version 3.7.4 there is an open redirect vulnerability. A maliciously crafted link to an aiohttp-based web-server could redirect the browser to a different website. It is caused by a bug in the `aiohttp.web_middlewares.normalize_path_middleware` middleware. This security problem has been fixed in 3.7.4. Upgrade your dependency using pip as follows "pip install aiohttp >= 3.7.4". If upgrading is not an option for you, a workaround can be to avoid using `aiohttp.web_middlewares.normalize_path_middleware` in your applications. | ||||
CVE-2021-21290 | 6 Debian, Netapp, Netty and 3 more | 27 Debian Linux, Active Iq Unified Manager, Cloud Secure Agent and 24 more | 2024-11-21 | 6.2 Medium |
Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. In Netty before version 4.1.59.Final there is a vulnerability on Unix-like systems involving an insecure temp file. When netty's multipart decoders are used local information disclosure can occur via the local system temporary directory if temporary storing uploads on the disk is enabled. On unix-like systems, the temporary directory is shared between all user. As such, writing to this directory using APIs that do not explicitly set the file/directory permissions can lead to information disclosure. Of note, this does not impact modern MacOS Operating Systems. The method "File.createTempFile" on unix-like systems creates a random file, but, by default will create this file with the permissions "-rw-r--r--". Thus, if sensitive information is written to this file, other local users can read this information. This is the case in netty's "AbstractDiskHttpData" is vulnerable. This has been fixed in version 4.1.59.Final. As a workaround, one may specify your own "java.io.tmpdir" when you start the JVM or use "DefaultHttpDataFactory.setBaseDir(...)" to set the directory to something that is only readable by the current user. | ||||
CVE-2021-20256 | 1 Redhat | 2 Satellite, Satellite Capsule | 2024-11-21 | 5.3 Medium |
A flaw was found in Red Hat Satellite. The BMC interface exposes the password through the API to an authenticated local attacker with view_hosts permission. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. |