Lucene search
K

6 matches found

Snyk
Snyk
added 2026/03/17 3:36 p.m.8 views

SQL Injection

Overview katello is a package that adds Content and Subscription Management to Foreman Affected versions of this package are vulnerable to SQL Injection via improper sanitization of user input in the sortby parameter of the /api/hosts/bootcimages endpoint. An attacker can cause database errors or...

5.4CVSS7.2AI score0.00262EPSS
Exploits0References2
OSV
OSV
added 2026/03/17 3:36 p.m.5 views

GHSA-FWJ4-6WGP-MPXM Katello: Denial of Service and potential information disclosure via SQL injection

A flaw was found in the Katello plugin for Red Hat Satellite. This vulnerability, caused by improper sanitization of user-provided input, allows a remote attacker to inject arbitrary SQL commands into the sortby parameter of the /api/hosts/bootcimages API endpoint. This can lead to a Denial of...

5.4CVSS6AI score0.00262EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2026/03/17 1:52 p.m.3 views

CVE-2026-4324

A flaw was found in the Katello plugin for Red Hat Satellite. This vulnerability, caused by improper sanitization of user-provided input, allows a remote attacker to inject arbitrary SQL commands into the sortby parameter of the /api/hosts/bootcimages API endpoint. This can lead to a Denial of...

5.4CVSS6AI score0.00262EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/03/17 1:52 p.m.5 views

CVE-2026-4324 Rubygem-katello: katello: denial of service and potential information disclosure via sql injection

A flaw was found in the Katello plugin for Red Hat Satellite. This vulnerability, caused by improper sanitization of user-provided input, allows a remote attacker to inject arbitrary SQL commands into the sortby parameter of the /api/hosts/bootcimages API endpoint. This can lead to a Denial of...

5.4CVSS6AI score0.00262EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/03/17 12:0 a.m.7 views

Red Hat Satellite SQL注入漏洞

Red Hat Satellite is a system management platform developed by Red Hat Inc. This platform can be used to expand Linux infrastructure and provides system management functions such as administration, configuration, and monitoring. Red Hat Satellite 6 has a SQL injection vulnerability, which stems...

5.4CVSS7.3AI score0.00262EPSS
Exploits0References3
RubySec
RubySec
added 2026/03/17 12:0 a.m.12 views

Katello - Denial of Service and potential information disclosure via SQL injection'

A flaw was found in the Katello plugin for Red Hat Satellite. This vulnerability, caused by improper sanitization of user-provided input, allows a remote attacker to inject arbitrary SQL commands into the sortby parameter of the /api/hosts/bootcimages API endpoint. This can lead to a Denial of...

5.4CVSS6AI score0.00262EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder