candlepinproject

Top products

The 4 most recently published vulnerabilities affecting candlepinproject.

• CVE-2023-1832Improper authorization check in the server component6.8Oct 4, 2023
• CVE-2021-4142The Candlepin component of Red Hat Satellite was affected by an improper authentication flaw. Few factors could allow an attacker to use the SCA (simple content access) certificate for authenticati...5.5Aug 24, 2022
• CVE-2015-5187Candlepin allows remote attackers to obtain sensitive information by obtaining Java exception statements as a result of excessive web traffic.6.5Jul 25, 2017
• CVE-2012-6119Candlepin before 0.7.24, as used in Red Hat Subscription Asset Manager before 1.2.1, does not properly check manifest signatures, which allows local users to modify manifests.2.1Apr 2, 2013