RHSA-2024:10806 Red Hat Security Advisory: Satellite 6.15.5 Async Update

Bulletin has no description...

RHEL 8 : Satellite 6.15.5 Async Update (Moderate) (RHSA-2024:10806)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:10806 advisory. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity t...

Atlassian Confluence 6.14.x < 6.15.5 Information Disclosure

According to its self-reported version number, the Atlassian Confluence application running on the remote host is prior to 6.13.6, 6.14.x 6.15.5 or 7.0.x 7.0.1. It is, therefore, affected by a missing permissions check vulnerability allowing remote attackers to obtain information about configured...

Information disclosure in the listEntityLinks servlet resource of the Application links plugin - CVE-2019-15011

The version of the Application Links plugin used in Confluence before version 6.13.6, from version 6.14.0 before version 6.15.5, and from version 7.0.0 before 7.0.1 allows remote attackers to obtain information about configured application links via a missing permissions check. See...

SSRF - /plugins/servlet/issue-retriever?columns=&url=XXX

h3. Issue Summary The following issue was submitted to our bug bounty program. This endpoint will allow attackers to read the full response of the provided URL. h3. Environment Confluence 6.15.5 h3. Steps to Reproduce Setup two Atlassian applications and create an Applink between them. In my case...