Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:rpm/redhat/ruby-augeas@0.4.1-1?arch=el6_4
purl pkg:rpm/redhat/ruby-augeas@0.4.1-1?arch=el6_4
Next non-vulnerable version None.
Latest non-vulnerable version None.
Risk 4.0
Vulnerabilities affecting this package (17)
Vulnerability Summary Fixed by
VCID-1mw1-384y-huc7
Aliases:
CVE-2013-2099
Uncontrolled Resource Consumption Algorithmic complexity vulnerability in the `ssl.match_hostname` function and unspecified versions of python-backports-ssl_match_hostname as used for older Python versions, allows remote attackers to cause a denial of service (CPU consumption) via multiple wildcard characters in the common name in a certificate. There are no reported fixed by versions.
VCID-1yu9-avtx-cybv
Aliases:
CVE-2015-1844
foreman: API not scoping resources to taxonomies There are no reported fixed by versions.
VCID-3kma-3ffw-8qd9
Aliases:
CVE-2013-3567
GHSA-f7p5-w2cr-7cp7
Improper Input Validation Puppet 2.7.x before 2.7.22 and 3.2.x before 3.2.2, and Puppet Enterprise before 2.8.2, deserializes untrusted YAML, which allows remote attackers to instantiate arbitrary Ruby classes and execute arbitrary code via a crafted REST API call. There are no reported fixed by versions.
VCID-5g6u-uvej-xbad
Aliases:
CVE-2013-4761
GHSA-cj43-9h3w-v976
Moderate severity vulnerability that affects puppet Unspecified vulnerability in Puppet 2.7.x before 2.7.23 and 3.2.x before 3.2.4, and Puppet Enterprise 2.8.x before 2.8.3 and 3.0.x before 3.0.1, allows remote attackers to execute arbitrary Ruby programs from the master via the resource_type service. NOTE: this vulnerability can only be exploited utilizing unspecified "local file system access" to the Puppet Master. There are no reported fixed by versions.
VCID-73uh-2gkm-6kgy
Aliases:
CVE-2013-4956
Multiple vulnerabilities have been found in Puppet, the worst of which could lead to execution of arbitrary code. There are no reported fixed by versions.
VCID-77c9-jb1m-6qe2
Aliases:
CVE-2015-0203
qpid-cpp: 3 qpidd DoS issues in AMQP 0-10 protocol handling There are no reported fixed by versions.
VCID-7f1h-1fw8-k7c4
Aliases:
CVE-2015-3155
foreman: the _session_id cookie is issued without the Secure flag There are no reported fixed by versions.
VCID-8wen-twwa-8khm
Aliases:
CVE-2014-3653
foreman: cross-site scripting (XSS) flaw in template preview screen There are no reported fixed by versions.
VCID-9gb8-xvrc-aqgb
Aliases:
CVE-2015-0223
qpid-cpp: anonymous access to qpidd cannot be prevented There are no reported fixed by versions.
VCID-fq2t-c2nv-23ce
Aliases:
CVE-2015-1609
A vulnerability in MongoDB can lead to a Denial of Service condition. There are no reported fixed by versions.
VCID-jfqz-9a6e-jff7
Aliases:
CVE-2016-2100
foreman: Unprivileged user can access private bookmarks of other users There are no reported fixed by versions.
VCID-rc65-py17-kuhm
Aliases:
CVE-2015-1816
foreman: lack of SSL certificate validation when performing LDAPS authentication There are no reported fixed by versions.
VCID-sqjb-qpyd-p7gn
Aliases:
CVE-2015-3235
foreman: edit_users permission allows changing of admin passwords There are no reported fixed by versions.
VCID-tbug-mv5x-uucb
Aliases:
CVE-2013-4346
GHSA-4433-4cxq-vv73
PYSEC-2014-85
The Server.verify_request function in SimpleGeo python-oauth2 does not check the nonce, which allows remote attackers to perform replay attacks via a signed URL. There are no reported fixed by versions.
VCID-utxw-251d-gfff
Aliases:
CVE-2014-3590
rhn_satellite_6: cross-site request forgery (CSRF) can force logout There are no reported fixed by versions.
VCID-vhxh-tpay-mbh3
Aliases:
CVE-2015-0224
qpid-cpp: AMQP 0-10 protocol sequence-set maximal range DoS (incomplete CVE-2015-0203 fix) There are no reported fixed by versions.
VCID-zkgb-14kz-33dz
Aliases:
CVE-2013-4347
GHSA-rv8h-p43r-4x5r
PYSEC-2014-86
The (1) make_nonce, (2) generate_nonce, and (3) generate_verifier functions in SimpleGeo python-oauth2 uses weak random numbers to generate nonces, which makes it easier for remote attackers to guess the nonce via a brute force attack. There are no reported fixed by versions.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-01T14:52:39.502668+00:00 RedHat Importer Affected by VCID-tbug-mv5x-uucb https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4346.json 38.0.0
2026-04-01T14:51:39.634626+00:00 RedHat Importer Affected by VCID-zkgb-14kz-33dz https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4347.json 38.0.0
2026-04-01T14:51:09.210835+00:00 RedHat Importer Affected by VCID-1mw1-384y-huc7 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2099.json 38.0.0
2026-04-01T14:50:35.274055+00:00 RedHat Importer Affected by VCID-3kma-3ffw-8qd9 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-3567.json 38.0.0
2026-04-01T14:50:19.552760+00:00 RedHat Importer Affected by VCID-5g6u-uvej-xbad https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4761.json 38.0.0
2026-04-01T14:50:19.461884+00:00 RedHat Importer Affected by VCID-73uh-2gkm-6kgy https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4956.json 38.0.0
2026-04-01T14:46:31.252939+00:00 RedHat Importer Affected by VCID-utxw-251d-gfff https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3590.json 38.0.0
2026-04-01T14:46:13.290939+00:00 RedHat Importer Affected by VCID-8wen-twwa-8khm https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3653.json 38.0.0
2026-04-01T14:44:54.826281+00:00 RedHat Importer Affected by VCID-77c9-jb1m-6qe2 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0203.json 38.0.0
2026-04-01T14:44:34.288967+00:00 RedHat Importer Affected by VCID-9gb8-xvrc-aqgb https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0223.json 38.0.0
2026-04-01T14:44:28.406692+00:00 RedHat Importer Affected by VCID-vhxh-tpay-mbh3 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0224.json 38.0.0
2026-04-01T14:43:26.951777+00:00 RedHat Importer Affected by VCID-jfqz-9a6e-jff7 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2100.json 38.0.0
2026-04-01T14:43:22.393075+00:00 RedHat Importer Affected by VCID-fq2t-c2nv-23ce https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1609.json 38.0.0
2026-04-01T14:43:17.898272+00:00 RedHat Importer Affected by VCID-rc65-py17-kuhm https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1816.json 38.0.0
2026-04-01T14:42:21.045793+00:00 RedHat Importer Affected by VCID-1yu9-avtx-cybv https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1844.json 38.0.0
2026-04-01T14:41:28.574046+00:00 RedHat Importer Affected by VCID-7f1h-1fw8-k7c4 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3155.json 38.0.0
2026-04-01T14:40:46.525431+00:00 RedHat Importer Affected by VCID-sqjb-qpyd-p7gn https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3235.json 38.0.0