3 matches found
EUVD-2021-27526
Malicious code in bioql PyPI...
Oracle Linux 7 : spacewalk-admin (ELSA-2023-12331)
The remote Oracle Linux 7 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2023-12331 advisory. - Fix for CVE-2021-40348 Orabug: 33531467 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that...
CVE-2021-40348
Spacewalk 2.10, and derivatives such as Uyuni 2021.08, allows code injection. rhn-config-satellite.pl doesn't sanitize the configuration filename used to append Spacewalk-specific key-value pair. The script is intended to be run by the tomcat user account with Sudo, according to the installation...