Missing Authorization

Overview Affected versions of this package are vulnerable to Missing Authorization via the synchronization process when a repository file is deleted prior to synchronization. An attacker can cause the application to crash by deleting a repository file before synchronization as an authenticated...

Moderate: Red Hat Security Advisory: RHUI 4.5.0 release - Security, Bug Fixes, and Enhancements

An updated version of Red Hat Update Infrastructure RHUI is now available. RHUI 4.5 fixes several security and operational bugs and also adds several new features. Red Hat Update Infrastructure RHUI offers a highly scalable, highly redundant framework that enables you to manage repositories and...

Security update for SUSE Manager Client Tools (moderate)

openSUSE Security Update: Security update for SUSE Manager Client Tools Announcement ID: openSUSE-SU-2021:2675-1 Rating: moderate References: 1175478 1186242 1186508 1186581 1186650 1188846 SLE-18254 Cross-References: CVE-2021-27962 CVE-2021-28146 CVE-2021-28147 CVE-2021-28148 CVE-2021-29622 CVSS...

The vulnerability of the reposync function of the YUM package manager, which allows a hacker to create, modify, or delete any files they desire.

The vulnerability of the reposync function in the YUM package manager exists due to insufficient restrictions on the path name of the restricted access directory. Exploiting this vulnerability allows a malicious actor to create, modify, or delete any files as desired from a remote location...