EUVD-2021-34011

Malicious code in bioql PyPI...

FileUpload: FileUpload DoS with excessive parts

A flaw was found in Apache Commons FileUpload, where it does not limit the number of parts being processed in a request. This issue may allow an attacker to use a malicious upload or series of uploads to trigger a denial of service. While Red Hat Satellite relies upon Apache Tomcat, it does not...

CVE-2023-24998

A flaw was found in Apache Commons FileUpload, where it does not limit the number of parts being processed in a request. This issue may allow an attacker to use a malicious upload or series of uploads to trigger a denial of service. While Red Hat Satellite relies upon Apache Tomcat, it does not...

Satellite: Allow unintended SCA certificate to authenticate Candlepin

The Candlepin component of Red Hat Satellite was affected by an improper authentication flaw. Few factors could allow an attacker to use the SCA simple content access certificate for authentication with Candlepin...

Red Hat Satellite 授权问题漏洞

Red Hat Satellite is a system management platform from Red Hat. The platform can be used to extend Linux infrastructures and provide system management functions such as administration, configuration, and monitoring. Red Hat Satellite has an authorization issue vulnerability that stems from Red Ha...

CVE-2019-3891

It was discovered that a world-readable log file belonging to Candlepin component of Red Hat Satellite 6.4 leaked the credentials of the Candlepin database. A malicious user with local access to a Satellite host can use those credentials to modify the database and prevent Satellite from fetching...

CVE-2019-3891

It was discovered that a world-readable log file, belonging to the Candlepin component of Red Hat Satellite 6.4, leaked the credentials of the Candlepin database. A malicious user with local access to a Satellite host can use those credentials to modify the database and prevent Satellite from...