Subscription Asset Manager Security Vulnerabilities and Issues — Subscription Asset Manager CVE List

Lucene search

RedhatSubscription Asset Manager

5 matches found

CVE•added 2020/01/02 8:15 p.m.•73 views

CVE-2014-0183

Versions of Katello as shipped with Red Hat Subscription Asset Manager 1.4 are vulnerable to a XSS via HTML in the systems name when registering.

6.1CVSS5.9AI score0.0029EPSS

CVE•added 2019/11/05 3:15 p.m.•57 views

CVE-2013-6460

Nokogiri gem 1.5.x has Denial of Service via infinite loop when parsing XML documents

6.5CVSS6.4AI score0.02521EPSS

CVE•added 2019/11/05 3:15 p.m.•47 views

CVE-2013-6461

Nokogiri gem 1.5.x and 1.6.x has DoS while parsing XML entities by failing to apply limits

6.5CVSS6.4AI score0.02046EPSS

CVE•added 2019/12/11 3:15 p.m.•39 views

CVE-2014-0026

katello-headpin is vulnerable to CSRF in REST API

6.5CVSS6.4AI score0.0015EPSS

CVE•added 2017/10/16 1:29 p.m.•34 views

CVE-2014-0029

Multiple cross-site scripting (XSS) vulnerabilities in the SAM web application in Red Hat katello-headpin allow remote attackers to inject arbitrary web script or HTML via unspecified parameters.

6.1CVSS6AI score0.00233EPSS