Vulnerabilities (CVE)

Filtered by vendor: Theforeman
Filtered by product: Katello
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3

CVE-2013-2101 | Redhat, Theforeman | Satellite, Katello | 2019-12-11 | 3.5 LOW | 5.4 MEDIUM
  Katello has multiple XSS issues in various entities.

CVE-2013-0283 | Theforeman | Katello | 2019-12-09 | 3.5 LOW | 5.4 MEDIUM
  Katello: the username shown on the Notification page is vulnerable to cross-site scripting.

CVE-2018-14623 | Theforeman | Katello | 2019-10-09 | 4.0 MEDIUM | 4.3 MEDIUM
  A SQL injection flaw was found in Katello's errata-related API. An authenticated remote attacker can craft input data to force a malformed SQL query to the backend database, which will leak internal IDs. This issue is related to an incomplete fix for CVE-2016-3072. Versions 3.10 and older are vulnerable.

CVE-2017-2662 | Theforeman | Katello | 2019-10-09 | 4.0 MEDIUM | 4.3 MEDIUM
  A flaw was found in Foreman's Katello plugin version 3.4.5. After setting a new role to allow restricted access on a repository with a filter (filter set on the Product Name), the filter is not respected when the actions are performed via hammer using the repository id.

CVE-2016-9595 | Redhat, Theforeman | Satellite, Satellite Capsule, Katello | 2019-10-09 | 3.6 LOW | 5.5 MEDIUM
  A flaw was found in katello-debug before 3.4.0 where certain scripts and log files used insecure temporary files. A local user could exploit this flaw to conduct a symbolic-link attack, allowing them to overwrite the contents of arbitrary files.

CVE-2018-16887 | Redhat, Theforeman | Satellite, Katello | 2019-05-14 | 3.5 LOW | 5.4 MEDIUM
  A cross-site scripting (XSS) flaw was found in the Katello component of Satellite. An attacker with privilege to create/edit organizations and locations is able to execute XSS attacks against other users through the Subscriptions or the Red Hat Repositories wizards. This can possibly lead to malicious code execution and extraction of the anti-CSRF token of higher-privileged users. Versions before 3.9.0 are vulnerable.