196 matches found
PYSEC-2026-1808 Pulp incorrectly assigns RBAC permissions in tasks that create objects
A flaw was found in the Pulp package. When a role-based access control RBAC object in Pulp is set to assign permissions on its creation, it uses the AutoAddObjPermsMixin typically the addrolesforobjectcreator method. This method finds the object creator by checking the current authenticated user...
CVE-2026-12398
A command injection vulnerability was found in galaxyng. The dogitcheckout function in the legacy role import API v1 interpolates unsanitized git ref names branch/tag names into shell commands executed via subprocess.run with shell=True. An authenticated user who controls a git repository can...
PT-2026-49716
Name of the Vulnerable Software and Affected Versions galaxy ng affected versions not specified Description A command injection issue exists in the legacy role import API v1 where the do git checkout function interpolates unsanitized git ref names, such as branch or tag names, into shell commands...
[SECURITY] Fedora 43 Update: python-pulp-glue-0.37.0-5.fc43
pulp-glue is a library to ease the programmatic communication with the Pulp3 API. It helps to abstract different resource types with so called contexts and allows to build or even provides complex workflows like chunked upload or waiting on tasks. It is built around an openapi3 parser to provide...
[SECURITY] Fedora 44 Update: python-pulp-glue-0.37.0-5.fc44
pulp-glue is a library to ease the programmatic communication with the Pulp3 API. It helps to abstract different resource types with so called contexts and allows to build or even provides complex workflows like chunked upload or waiting on tasks. It is built around an openapi3 parser to provide...
GHSA-9M5J-4XX9-44J9 vulnerabilities
Vulnerabilities for packages: py3-pulp...
GHSA-GF89-385C-HQ37 vulnerabilities
Vulnerabilities for packages: py3-pulp...
CVE-2015-5153 vulnerabilities
Vulnerabilities for packages: py3-pulp...
CVE-2024-7143 vulnerabilities
Vulnerabilities for packages: py3-pulp...
SUSE SLES15 Security Update : openssl-1_1-livepatches (SUSE-SU-2025:03632-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03632-1 advisory. - Add livepatch for CVE-2025-9230 bsc1250410. - Use strong externalization for ssl3setupreadbuffer and ssl3releasereadbuffer - Use strong...
EUVD-2018-11740
Malware in sbrugna...
EUVD-2016-4161
Malware in sbrugna...
EUVD-2016-4165
Malware in sbrugna...
EUVD-2012-3488
Malware in sbrugna...
EUVD-2016-4160
Malware in sbrugna...
EUVD-2013-7214
Malware in sbrugna...
EUVD-2016-4718
Malware in sbrugna...
EUVD-2012-4500
Malware in sbrugna...
EUVD-2016-4152
Malware in sbrugna...
EUVD-2015-5249
Malware in sbrugna...