Filtered by vendor Redhat
Subscriptions
Filtered by product Satellite
Subscriptions
Total
550 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-23334 | 3 Aiohttp, Fedoraproject, Redhat | 6 Aiohttp, Fedora, Ansible Automation Platform and 3 more | 2025-05-30 | 5.9 Medium |
| aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. When using aiohttp as a web server and configuring static routes, it is necessary to specify the root path for static files. Additionally, the option 'follow_symlinks' can be used to determine whether to follow symbolic links outside the static root directory. When 'follow_symlinks' is set to True, there is no validation to check if reading a file is within the root directory. This can lead to directory traversal vulnerabilities, resulting in unauthorized access to arbitrary files on the system, even when symlinks are not present. Disabling follow_symlinks and using a reverse proxy are encouraged mitigations. Version 3.9.2 fixes this issue. | ||||
| CVE-2021-41136 | 3 Debian, Puma, Redhat | 3 Debian Linux, Puma, Satellite | 2025-05-27 | 3.7 Low |
| Puma is a HTTP 1.1 server for Ruby/Rack applications. Prior to versions 5.5.1 and 4.3.9, using `puma` with a proxy which forwards HTTP header values which contain the LF character could allow HTTP request smugggling. A client could smuggle a request through a proxy, causing the proxy to send a response back to another unknown client. The only proxy which has this behavior, as far as the Puma team is aware of, is Apache Traffic Server. If the proxy uses persistent connections and the client adds another request in via HTTP pipelining, the proxy may mistake it as the first request's body. Puma, however, would see it as two requests, and when processing the second request, send back a response that the proxy does not expect. If the proxy has reused the persistent connection to Puma to send another request for a different client, the second response from the first client will be sent to the second client. This vulnerability was patched in Puma 5.5.1 and 4.3.9. As a workaround, do not use Apache Traffic Server with `puma`. | ||||
| CVE-2022-29181 | 3 Apple, Nokogiri, Redhat | 4 Macos, Nokogiri, Satellite and 1 more | 2025-05-27 | 8.2 High |
| Nokogiri is an open source XML and HTML library for Ruby. Nokogiri prior to version 1.13.6 does not type-check all inputs into the XML and HTML4 SAX parsers, allowing specially crafted untrusted inputs to cause illegal memory access errors (segfault) or reads from unrelated memory. Version 1.13.6 contains a patch for this issue. As a workaround, ensure the untrusted input is a `String` by calling `#to_s` or equivalent. | ||||
| CVE-2021-45116 | 3 Djangoproject, Fedoraproject, Redhat | 4 Django, Fedora, Satellite and 1 more | 2025-05-22 | 7.5 High |
| An issue was discovered in Django 2.2 before 2.2.26, 3.2 before 3.2.11, and 4.0 before 4.0.1. Due to leveraging the Django Template Language's variable resolution logic, the dictsort template filter was potentially vulnerable to information disclosure, or an unintended method call, if passed a suitably crafted key. | ||||
| CVE-2024-24680 | 2 Djangoproject, Redhat | 6 Django, Ansible Automation Platform, Openstack and 3 more | 2025-05-15 | 7.5 High |
| An issue was discovered in Django 3.2 before 3.2.24, 4.2 before 4.2.10, and Django 5.0 before 5.0.2. The intcomma template filter was subject to a potential denial-of-service attack when used with very long strings. | ||||
| CVE-2022-41323 | 2 Djangoproject, Redhat | 4 Django, Rhui, Satellite and 1 more | 2025-05-14 | 7.5 High |
| In Django 3.2 before 3.2.16, 4.0 before 4.0.8, and 4.1 before 4.1.2, internationalized URLs were subject to a potential denial of service attack via the locale parameter, which is treated as a regular expression. | ||||
| CVE-2016-1000340 | 2 Bouncycastle, Redhat | 4 Bc-java, Jboss Fuse, Satellite and 1 more | 2025-05-12 | N/A |
| In the Bouncy Castle JCE Provider versions 1.51 to 1.55, a carry propagation bug was introduced in the implementation of squaring for several raw math classes have been fixed (org.bouncycastle.math.raw.Nat???). These classes are used by our custom elliptic curve implementations (org.bouncycastle.math.ec.custom.**), so there was the possibility of rare (in general usage) spurious calculations for elliptic curve scalar multiplications. Such errors would have been detected with high probability by the output validation for our scalar multipliers. | ||||
| CVE-2016-1000339 | 3 Bouncycastle, Debian, Redhat | 5 Bc-java, Debian Linux, Jboss Fuse and 2 more | 2025-05-12 | N/A |
| In the Bouncy Castle JCE Provider version 1.55 and earlier the primary engine class used for AES was AESFastEngine. Due to the highly table driven approach used in the algorithm it turns out that if the data channel on the CPU can be monitored the lookup table accesses are sufficient to leak information on the AES key being used. There was also a leak in AESEngine although it was substantially less. AESEngine has been modified to remove any signs of leakage (testing carried out on Intel X86-64) and is now the primary AES class for the BC JCE provider from 1.56. Use of AESFastEngine is now only recommended where otherwise deemed appropriate. | ||||
| CVE-2016-1000352 | 2 Bouncycastle, Redhat | 4 Bc-java, Jboss Fuse, Satellite and 1 more | 2025-05-12 | N/A |
| In the Bouncy Castle JCE Provider version 1.55 and earlier the ECIES implementation allowed the use of ECB mode. This mode is regarded as unsafe and support for it has been removed from the provider. | ||||
| CVE-2016-1000343 | 3 Bouncycastle, Debian, Redhat | 5 Bc-java, Debian Linux, Jboss Fuse and 2 more | 2025-05-12 | N/A |
| In the Bouncy Castle JCE Provider version 1.55 and earlier the DSA key pair generator generates a weak private key if used with default values. If the JCA key pair generator is not explicitly initialised with DSA parameters, 1.55 and earlier generates a private value assuming a 1024 bit key size. In earlier releases this can be dealt with by explicitly passing parameters to the key pair generator. | ||||
| CVE-2016-1000341 | 3 Bouncycastle, Debian, Redhat | 5 Bc-java, Debian Linux, Jboss Fuse and 2 more | 2025-05-12 | N/A |
| In the Bouncy Castle JCE Provider version 1.55 and earlier DSA signature generation is vulnerable to timing attack. Where timings can be closely observed for the generation of signatures, the lack of blinding in 1.55, or earlier, may allow an attacker to gain information about the signature's k value and ultimately the private value as well. | ||||
| CVE-2016-1000344 | 2 Bouncycastle, Redhat | 4 Bc-java, Jboss Fuse, Satellite and 1 more | 2025-05-12 | N/A |
| In the Bouncy Castle JCE Provider version 1.55 and earlier the DHIES implementation allowed the use of ECB mode. This mode is regarded as unsafe and support for it has been removed from the provider. | ||||
| CVE-2016-1000346 | 3 Bouncycastle, Debian, Redhat | 5 Bc-java, Debian Linux, Jboss Fuse and 2 more | 2025-05-12 | N/A |
| In the Bouncy Castle JCE Provider version 1.55 and earlier the other party DH public key is not fully validated. This can cause issues as invalid keys can be used to reveal details about the other party's private key where static Diffie-Hellman is in use. As of release 1.56 the key parameters are checked on agreement calculation. | ||||
| CVE-2016-1000345 | 3 Bouncycastle, Debian, Redhat | 5 Bc-java, Debian Linux, Jboss Fuse and 2 more | 2025-05-12 | N/A |
| In the Bouncy Castle JCE Provider version 1.55 and earlier the DHIES/ECIES CBC mode vulnerable to padding oracle attack. For BC 1.55 and older, in an environment where timings can be easily observed, it is possible with enough observations to identify when the decryption is failing due to padding. | ||||
| CVE-2018-5382 | 2 Bouncycastle, Redhat | 3 Bc-java, Satellite, Satellite Capsule | 2025-05-12 | 4.4 Medium |
| The default BKS keystore use an HMAC that is only 16 bits long, which can allow an attacker to compromise the integrity of a BKS keystore. Bouncy Castle release 1.47 changes the BKS format to a format which uses a 160 bit HMAC instead. This applies to any BKS keystore generated prior to BC 1.47. For situations where people need to create the files for legacy reasons a specific keystore type "BKS-V1" was introduced in 1.49. It should be noted that the use of "BKS-V1" is discouraged by the library authors and should only be used where it is otherwise safe to do so, as in where the use of a 16 bit checksum for the file integrity check is not going to cause a security issue in itself. | ||||
| CVE-2016-1000342 | 3 Bouncycastle, Debian, Redhat | 5 Bc-java, Debian Linux, Jboss Fuse and 2 more | 2025-05-12 | N/A |
| In the Bouncy Castle JCE Provider version 1.55 and earlier ECDSA does not fully validate ASN.1 encoding of signature on verification. It is possible to inject extra elements in the sequence making up the signature and still have it validate, which in some cases may allow the introduction of 'invisible' data into a signed structure. | ||||
| CVE-2020-8165 | 4 Debian, Opensuse, Redhat and 1 more | 5 Debian Linux, Leap, Satellite and 2 more | 2025-05-09 | 9.8 Critical |
| A deserialization of untrusted data vulnernerability exists in rails < 5.2.4.3, rails < 6.0.3.1 that can allow an attacker to unmarshal user-provided objects in MemCacheStore and RedisCacheStore potentially resulting in an RCE. | ||||
| CVE-2022-3644 | 2 Pulpproject, Redhat | 5 Pulp Ansible, Ansible Automation Platform, Satellite and 2 more | 2025-05-07 | 5.5 Medium |
| The collection remote for pulp_ansible stores tokens in plaintext instead of using pulp's encrypted field and exposes them in read/write mode via the API () instead of marking it as write only. | ||||
| CVE-2018-2798 | 6 Canonical, Debian, Hp and 3 more | 18 Ubuntu Linux, Debian Linux, Xp7 Command View and 15 more | 2025-05-06 | 5.3 Medium |
| Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L). | ||||
| CVE-2018-2796 | 6 Canonical, Debian, Hp and 3 more | 18 Ubuntu Linux, Debian Linux, Xp7 Command View and 15 more | 2025-05-06 | 5.3 Medium |
| Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Concurrency). Supported versions that are affected are Java SE: 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L). | ||||