Search for packages
| purl | pkg:rpm/redhat/puppetlabs-stdlib@4.2.1-1.20140510git08b00d9?arch=el7sat |
| Next non-vulnerable version | None. |
| Latest non-vulnerable version | None. |
| Risk | 10.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-1yu9-avtx-cybv
Aliases: CVE-2015-1844 |
foreman: API not scoping resources to taxonomies | There are no reported fixed by versions. |
|
VCID-27wt-wmzc-1bc2
Aliases: CVE-2018-6188 GHSA-rf4j-j272-fj86 PYSEC-2018-4 |
django.contrib.auth.forms.AuthenticationForm in Django 2.0 before 2.0.2, and 1.11.8 and 1.11.9, allows remote attackers to obtain potentially sensitive information by leveraging data exposure from the confirm_login_allowed() method, as demonstrated by discovering whether a user account is inactive. | There are no reported fixed by versions. |
|
VCID-2y5d-qg7z-2kdg
Aliases: CVE-2017-5929 GHSA-vmfg-rjjm-rjrj |
QOS.ch Logback before 1.2.0 has a serialization vulnerability affecting the SocketServer and ServerSocketReceiver components. | There are no reported fixed by versions. |
|
VCID-31h9-7jrr-9kdt
Aliases: CVE-2016-1000340 GHSA-r97x-3g8f-gx3m |
In the Bouncy Castle JCE Provider versions 1.51 to 1.55, a carry propagation bug was introduced in the implementation of squaring for several raw math classes have been fixed (org.bouncycastle.math.raw.Nat???). These classes are used by our custom elliptic curve implementations (org.bouncycastle.math.ec.custom.**), so there was the possibility of rare (in general usage) spurious calculations for elliptic curve scalar multiplications. Such errors would have been detected with high probability by the output validation for our scalar multipliers. | There are no reported fixed by versions. |
|
VCID-3ycr-9smk-uqdc
Aliases: CVE-2015-3225 GHSA-rgr4-9jh5-j4j6 |
Potential Denial of Service Vulnerability Carefully crafted requests can cause a `SystemStackError` and potentially cause a denial of service attack. | There are no reported fixed by versions. |
|
VCID-3zeq-dyj1-8bdm
Aliases: CVE-2018-1097 |
foreman: Ovirt admin password exposed by foreman API | There are no reported fixed by versions. |
|
VCID-5434-f6g7-8kdw
Aliases: CVE-2015-3208 GHSA-x6rc-54xp-ccxx |
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. | There are no reported fixed by versions. |
|
VCID-6xkf-evrx-pyau
Aliases: CVE-2016-2166 GHSA-f5cf-f7px-xpmh |
Exposure of Sensitive Information to an Unauthorized Actor The (1) proton.reactor.Connector, (2) proton.reactor.Container, and (3) proton.utils.BlockingConnection classes in Apache Qpid Proton before 0.12.1 improperly use an unencrypted connection for an amqps URI scheme when SSL support is unavailable, which might allow man-in-the-middle attackers to obtain sensitive information or modify data via unspecified vectors. | There are no reported fixed by versions. |
|
VCID-73c1-6ytd-ykf9
Aliases: CVE-2018-1096 |
foreman: SQL injection due to improper handling of the widget id parameter | There are no reported fixed by versions. |
|
VCID-7f1h-1fw8-k7c4
Aliases: CVE-2015-3155 |
foreman: the _session_id cookie is issued without the Secure flag | There are no reported fixed by versions. |
|
VCID-8wen-twwa-8khm
Aliases: CVE-2014-3653 |
foreman: cross-site scripting (XSS) flaw in template preview screen | There are no reported fixed by versions. |
|
VCID-8xgm-pabz-hkeg
Aliases: CVE-2017-10689 GHSA-vw22-465p-8j5w |
Improper Privilege Management In previous versions of Puppet Agent it was possible to install a module with world writable permissions. Puppet Agent 5.3.4 and 1.10.10 included a fix to this vulnerability. | There are no reported fixed by versions. |
|
VCID-am23-ncy4-27ck
Aliases: CVE-2017-15100 |
foreman: Stored XSS in fact name or value | There are no reported fixed by versions. |
|
VCID-b9ad-t22m-9ya8
Aliases: CVE-2016-3108 |
pulp: Insecure temporary file used when generating certificate for Pulp Nodes | There are no reported fixed by versions. |
|
VCID-bdms-nb18-guf9
Aliases: CVE-2017-7233 GHSA-37hp-765x-j95x PYSEC-2017-9 |
Django 1.10 before 1.10.7, 1.9 before 1.9.13, and 1.8 before 1.8.18 relies on user input in some cases to redirect the user to an "on success" URL. The security check for these redirects (namely ``django.utils.http.is_safe_url()``) considered some numeric URLs "safe" when they shouldn't be, aka an open redirect vulnerability. Also, if a developer relies on ``is_safe_url()`` to provide safe redirect targets and puts such a URL into a link, they could suffer from an XSS attack. | There are no reported fixed by versions. |
|
VCID-ceub-d4s9-dkcd
Aliases: CVE-2017-15095 GHSA-h592-38cm-4ggp |
Deserialization of Untrusted Data A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the `readValue` method of the `ObjectMapper`. | There are no reported fixed by versions. |
|
VCID-crf9-zn1q-vya8
Aliases: CVE-2015-6644 |
Bouncy Castle in Android before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows attackers to obtain sensitive information via a crafted application, aka internal bug 24106146. | There are no reported fixed by versions. |
|
VCID-ddqw-aj7g-s7c2
Aliases: CVE-2016-1000341 GHSA-r9ch-m4fh-fc7q |
In the Bouncy Castle JCE Provider version 1.55 and earlier DSA signature generation is vulnerable to timing attack. Where timings can be closely observed for the generation of signatures, the lack of blinding in 1.55, or earlier, may allow an attacker to gain information about the signature's k value and ultimately the private value as well. | There are no reported fixed by versions. |
|
VCID-f4qa-9fn6-97az
Aliases: CVE-2016-1000342 GHSA-qcj7-g2j5-g7r3 |
In the Bouncy Castle JCE Provider version 1.55 and earlier ECDSA does not fully validate ASN.1 encoding of signature on verification. It is possible to inject extra elements in the sequence making up the signature and still have it validate, which in some cases may allow the introduction of 'invisible' data into a signed structure. | There are no reported fixed by versions. |
|
VCID-f73y-mjrg-yfc9
Aliases: CVE-2016-1000344 GHSA-2j2x-hx4g-2gf4 |
In the Bouncy Castle JCE Provider version 1.55 and earlier the DHIES implementation allowed the use of ECB mode. This mode is regarded as unsafe and support for it has been removed from the provider. | There are no reported fixed by versions. |
|
VCID-j162-yzbc-cycs
Aliases: CVE-2016-3111 |
pulp: Race condition when generating RSA keys for authenticating messages between server and consumers | There are no reported fixed by versions. |
|
VCID-jae8-w85w-cyfu
Aliases: CVE-2018-7537 GHSA-2f9x-5v75-3qv4 PYSEC-2018-6 |
An issue was discovered in Django 2.0 before 2.0.3, 1.11 before 1.11.11, and 1.8 before 1.8.19. If django.utils.text.Truncator's chars() and words() methods were passed the html=True argument, they were extremely slow to evaluate certain inputs due to a catastrophic backtracking vulnerability in a regular expression. The chars() and words() methods are used to implement the truncatechars_html and truncatewords_html template filters, which were thus vulnerable. | There are no reported fixed by versions. |
|
VCID-jau7-gfz8-dkfa
Aliases: CVE-2009-3555 GHSA-f7w7-6pjc-wwm6 VU#120541 |
The renegotiation vulnerability in SSL protocol | There are no reported fixed by versions. |
|
VCID-jr7u-m7gc-pydy
Aliases: CVE-2016-1000339 GHSA-c8xf-m4ff-jcxj |
In the Bouncy Castle JCE Provider version 1.55 and earlier the primary engine class used for AES was AESFastEngine. Due to the highly table driven approach used in the algorithm it turns out that if the data channel on the CPU can be monitored the lookup table accesses are sufficient to leak information on the AES key being used. There was also a leak in AESEngine although it was substantially less. AESEngine has been modified to remove any signs of leakage (testing carried out on Intel X86-64) and is now the primary AES class for the BC JCE provider from 1.56. Use of AESFastEngine is now only recommended where otherwise deemed appropriate. | There are no reported fixed by versions. |
|
VCID-jua2-2byr-t3cv
Aliases: CVE-2016-1000338 GHSA-4vhj-98r6-424h |
In Bouncy Castle JCE Provider version 1.55 and earlier the DSA does not fully validate ASN.1 encoding of signature on verification. It is possible to inject extra elements in the sequence making up the signature and still have it validate, which in some cases may allow the introduction of 'invisible' data into a signed structure. | There are no reported fixed by versions. |
|
VCID-ka8b-44hx-mkc5
Aliases: CVE-2016-1000352 GHSA-w285-wf9q-5w69 |
In the Bouncy Castle JCE Provider version 1.55 and earlier the ECIES implementation allowed the use of ECB mode. This mode is regarded as unsafe and support for it has been removed from the provider. | There are no reported fixed by versions. |
|
VCID-kwyu-yq4w-kqe4
Aliases: CVE-2018-10237 GHSA-mvr2-9pj6-7w5j |
Unbounded memory allocation in Google Guava 11.0 through 24.x before 24.1.1 allows remote attackers to conduct denial of service attacks against servers that depend on this library and deserialize attacker-provided data, because the AtomicDoubleArray class (when serialized with Java serialization) and the CompoundOrdering class (when serialized with GWT serialization) perform eager allocation without appropriate checks on what a client has sent and whether the data size is reasonable. | There are no reported fixed by versions. |
|
VCID-mv1p-yxvp-pbh6
Aliases: CVE-2018-7536 GHSA-r28v-mw67-m5p9 PYSEC-2018-5 |
An issue was discovered in Django 2.0 before 2.0.3, 1.11 before 1.11.11, and 1.8 before 1.8.19. The django.utils.html.urlize() function was extremely slow to evaluate certain inputs due to catastrophic backtracking vulnerabilities in two regular expressions (only one regular expression for Django 1.8.x). The urlize() function is used to implement the urlize and urlizetrunc template filters, which were thus vulnerable. | There are no reported fixed by versions. |
|
VCID-mwus-fmc5-27f2
Aliases: CVE-2017-12175 |
6: XSS in discovery rule filter autocomplete functionality | There are no reported fixed by versions. |
|
VCID-pd7m-bhqf-kkge
Aliases: CVE-2017-7536 GHSA-xxgp-pcfc-3vgc |
In Hibernate Validator 5.2.x before 5.2.5 final, 5.3.x, and 5.4.x, it was found that when the security manager's reflective permissions, which allows it to access the private members of the class, are granted to Hibernate Validator, a potential privilege escalation can occur. By allowing the calling code to access those private members without the permission an attacker may be able to validate an invalid instance and access the private member value via ConstraintViolation#getInvalidValue(). | There are no reported fixed by versions. |
|
VCID-pwuz-vu73-b7f2
Aliases: CVE-2016-3107 |
pulp: Node certificate containing private key stored in world-readable file | There are no reported fixed by versions. |
|
VCID-qj42-dfhb-mqep
Aliases: CVE-2016-3112 |
pulp: Agent certificate containing private key is stored in world-readable file | There are no reported fixed by versions. |
|
VCID-qr8s-5r61-skhw
Aliases: CVE-2016-1000345 GHSA-9gp4-qrff-c648 |
In the Bouncy Castle JCE Provider version 1.55 and earlier the DHIES/ECIES CBC mode vulnerable to padding oracle attack. For BC 1.55 and older, in an environment where timings can be easily observed, it is possible with enough observations to identify when the decryption is failing due to padding. | There are no reported fixed by versions. |
|
VCID-rc65-py17-kuhm
Aliases: CVE-2015-1816 |
foreman: lack of SSL certificate validation when performing LDAPS authentication | There are no reported fixed by versions. |
|
VCID-sg6x-y34w-37bc
Aliases: CVE-2018-1090 |
pulp: sensitive credentials revealed through the API | There are no reported fixed by versions. |
|
VCID-sh6q-bacd-4fah
Aliases: CVE-2015-5282 |
foreman: XSS in hidden parameter value switcher | There are no reported fixed by versions. |
|
VCID-sqjb-qpyd-p7gn
Aliases: CVE-2015-3235 |
foreman: edit_users permission allows changing of admin passwords | There are no reported fixed by versions. |
|
VCID-tbug-mv5x-uucb
Aliases: CVE-2013-4346 GHSA-4433-4cxq-vv73 PYSEC-2014-85 |
The Server.verify_request function in SimpleGeo python-oauth2 does not check the nonce, which allows remote attackers to perform replay attacks via a signed URL. | There are no reported fixed by versions. |
|
VCID-tnen-a68v-9bfk
Aliases: CVE-2016-1000343 GHSA-rrvx-pwf8-p59p |
In the Bouncy Castle JCE Provider version 1.55 and earlier the DSA key pair generator generates a weak private key if used with default values. If the JCA key pair generator is not explicitly initialised with DSA parameters, 1.55 and earlier generates a private value assuming a 1024 bit key size. In earlier releases this can be dealt with by explicitly passing parameters to the key pair generator. | There are no reported fixed by versions. |
|
VCID-va8w-uzhc-x3bz
Aliases: CVE-2013-6668 |
security update | There are no reported fixed by versions. |
|
VCID-w543-qxxs-f7g7
Aliases: CVE-2018-5382 GHSA-8477-3v39-ggpm |
The default BKS keystore use an HMAC that is only 16 bits long, which can allow an attacker to compromise the integrity of a BKS keystore. Bouncy Castle release 1.47 changes the BKS format to a format which uses a 160 bit HMAC instead. This applies to any BKS keystore generated prior to BC 1.47. For situations where people need to create the files for legacy reasons a specific keystore type "BKS-V1" was introduced in 1.49. It should be noted that the use of "BKS-V1" is discouraged by the library authors and should only be used where it is otherwise safe to do so, as in where the use of a 16 bit checksum for the file integrity check is not going to cause a security issue in itself. | There are no reported fixed by versions. |
|
VCID-w6f4-zp2b-7bbp
Aliases: CVE-2016-3728 |
foreman: Missing input validation in Smart Proxy allows RCE via TFTP file variant parameter | There are no reported fixed by versions. |
|
VCID-wnjy-ggeb-eqcn
Aliases: CVE-2017-10690 |
puppet: Environment leakage in puppet-agent | There are no reported fixed by versions. |
|
VCID-xzbt-bkdp-8bgh
Aliases: CVE-2016-1000346 GHSA-fjqm-246c-mwqg |
In the Bouncy Castle JCE Provider version 1.55 and earlier the other party DH public key is not fully validated. This can cause issues as invalid keys can be used to reveal details about the other party's private key where static Diffie-Hellman is in use. As of release 1.56 the key parameters are checked on agreement calculation. | There are no reported fixed by versions. |
|
VCID-yymw-3u57-4ueu
Aliases: CVE-2015-5152 |
Foreman: API permits HTTP requests when require_ssl is enabled | There are no reported fixed by versions. |
|
VCID-zkgb-14kz-33dz
Aliases: CVE-2013-4347 GHSA-rv8h-p43r-4x5r PYSEC-2014-86 |
The (1) make_nonce, (2) generate_nonce, and (3) generate_verifier functions in SimpleGeo python-oauth2 uses weak random numbers to generate nonces, which makes it easier for remote attackers to guess the nonce via a brute force attack. | There are no reported fixed by versions. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||