Search for packages
| purl | pkg:rpm/redhat/rubygem-multi_json@1.12.2-2?arch=el7sat |
| Next non-vulnerable version | None. |
| Latest non-vulnerable version | None. |
| Risk | 4.5 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-27wt-wmzc-1bc2
Aliases: CVE-2018-6188 GHSA-rf4j-j272-fj86 PYSEC-2018-4 |
django.contrib.auth.forms.AuthenticationForm in Django 2.0 before 2.0.2, and 1.11.8 and 1.11.9, allows remote attackers to obtain potentially sensitive information by leveraging data exposure from the confirm_login_allowed() method, as demonstrated by discovering whether a user account is inactive. | There are no reported fixed by versions. |
|
VCID-2g54-3acq-pbha
Aliases: CVE-2020-10716 |
rubygem-foreman_ansible: "User input" entry from Job Invocation may contain sensitive data | There are no reported fixed by versions. |
|
VCID-2y5d-qg7z-2kdg
Aliases: CVE-2017-5929 GHSA-vmfg-rjjm-rjrj |
QOS.ch Logback before 1.2.0 has a serialization vulnerability affecting the SocketServer and ServerSocketReceiver components. | There are no reported fixed by versions. |
|
VCID-31h9-7jrr-9kdt
Aliases: CVE-2016-1000340 GHSA-r97x-3g8f-gx3m |
In the Bouncy Castle JCE Provider versions 1.51 to 1.55, a carry propagation bug was introduced in the implementation of squaring for several raw math classes have been fixed (org.bouncycastle.math.raw.Nat???). These classes are used by our custom elliptic curve implementations (org.bouncycastle.math.ec.custom.**), so there was the possibility of rare (in general usage) spurious calculations for elliptic curve scalar multiplications. Such errors would have been detected with high probability by the output validation for our scalar multipliers. | There are no reported fixed by versions. |
|
VCID-3af2-c1m7-3kdr
Aliases: CVE-2019-10198 |
foreman: authorization bypasses in foreman-tasks leading to information disclosure | There are no reported fixed by versions. |
|
VCID-3t8t-yt9b-1fce
Aliases: CVE-2016-10516 GHSA-h2fp-xgx6-xh6f PYSEC-2017-43 |
Cross-site scripting (XSS) vulnerability in the render_full function in debug/tbtools.py in the debugger in Pallets Werkzeug before 0.11.11 (as used in Pallets Flask and other products) allows remote attackers to inject arbitrary web script or HTML via a field that contains an exception message. | There are no reported fixed by versions. |
|
VCID-3zeq-dyj1-8bdm
Aliases: CVE-2018-1097 |
foreman: Ovirt admin password exposed by foreman API | There are no reported fixed by versions. |
|
VCID-5434-f6g7-8kdw
Aliases: CVE-2015-3208 GHSA-x6rc-54xp-ccxx |
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. | There are no reported fixed by versions. |
|
VCID-6fxc-s6ht-x7ht
Aliases: CVE-2016-10745 GHSA-hj2j-77xm-mc5v PYSEC-2019-220 |
In Pallets Jinja before 2.8.1, str.format allows a sandbox escape. | There are no reported fixed by versions. |
|
VCID-6wxf-ewtr-z3hb
Aliases: CVE-2019-10906 GHSA-462w-v97r-4m45 PYSEC-2019-217 |
In Pallets Jinja before 2.10.1, str.format_map allows a sandbox escape. | There are no reported fixed by versions. |
|
VCID-73c1-6ytd-ykf9
Aliases: CVE-2018-1096 |
foreman: SQL injection due to improper handling of the widget id parameter | There are no reported fixed by versions. |
|
VCID-8xgm-pabz-hkeg
Aliases: CVE-2017-10689 GHSA-vw22-465p-8j5w |
Improper Privilege Management In previous versions of Puppet Agent it was possible to install a module with world writable permissions. Puppet Agent 5.3.4 and 1.10.10 included a fix to this vulnerability. | There are no reported fixed by versions. |
|
VCID-9wej-f7zx-pfeq
Aliases: CVE-2019-12086 GHSA-5ww9-j83m-q7qx |
Information exposure in FasterXML jackson-databind A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before 2.9.9. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint, the service has the mysql-connector-java jar (8.0.14 or earlier) in the classpath, and an attacker can host a crafted MySQL server reachable by the victim, an attacker can send a crafted JSON message that allows them to read arbitrary local files on the server. This occurs because of missing com.mysql.cj.jdbc.admin.MiniAdmin validation. | There are no reported fixed by versions. |
|
VCID-am23-ncy4-27ck
Aliases: CVE-2017-15100 |
foreman: Stored XSS in fact name or value | There are no reported fixed by versions. |
|
VCID-bdms-nb18-guf9
Aliases: CVE-2017-7233 GHSA-37hp-765x-j95x PYSEC-2017-9 |
Django 1.10 before 1.10.7, 1.9 before 1.9.13, and 1.8 before 1.8.18 relies on user input in some cases to redirect the user to an "on success" URL. The security check for these redirects (namely ``django.utils.http.is_safe_url()``) considered some numeric URLs "safe" when they shouldn't be, aka an open redirect vulnerability. Also, if a developer relies on ``is_safe_url()`` to provide safe redirect targets and puts such a URL into a link, they could suffer from an XSS attack. | There are no reported fixed by versions. |
|
VCID-bhq3-j6aj-1yae
Aliases: CVE-2019-10086 GHSA-6phf-73q6-gh87 |
Insecure Deserialization in Apache Commons Beanutils In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker to access the classloader via the class property available on all Java objects. We, however were not using this by default characteristic of the PropertyUtilsBean. | There are no reported fixed by versions. |
|
VCID-bsbd-bsbq-7qdk
Aliases: CVE-2019-14825 GHSA-m4wh-848j-9w2r |
Katello cleartext password storage issue A cleartext password storage issue was discovered in Katello, versions 3.x.x.x before katello 3.12.2. Registry credentials used during container image discovery were inadvertently logged without being masked. This flaw could expose the registry credentials to other privileged users. | There are no reported fixed by versions. |
|
VCID-ceub-d4s9-dkcd
Aliases: CVE-2017-15095 GHSA-h592-38cm-4ggp |
Deserialization of Untrusted Data A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the `readValue` method of the `ObjectMapper`. | There are no reported fixed by versions. |
|
VCID-crf9-zn1q-vya8
Aliases: CVE-2015-6644 |
Bouncy Castle in Android before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows attackers to obtain sensitive information via a crafted application, aka internal bug 24106146. | There are no reported fixed by versions. |
|
VCID-ddqw-aj7g-s7c2
Aliases: CVE-2016-1000341 GHSA-r9ch-m4fh-fc7q |
In the Bouncy Castle JCE Provider version 1.55 and earlier DSA signature generation is vulnerable to timing attack. Where timings can be closely observed for the generation of signatures, the lack of blinding in 1.55, or earlier, may allow an attacker to gain information about the signature's k value and ultimately the private value as well. | There are no reported fixed by versions. |
|
VCID-f4qa-9fn6-97az
Aliases: CVE-2016-1000342 GHSA-qcj7-g2j5-g7r3 |
In the Bouncy Castle JCE Provider version 1.55 and earlier ECDSA does not fully validate ASN.1 encoding of signature on verification. It is possible to inject extra elements in the sequence making up the signature and still have it validate, which in some cases may allow the introduction of 'invisible' data into a signed structure. | There are no reported fixed by versions. |
|
VCID-f73y-mjrg-yfc9
Aliases: CVE-2016-1000344 GHSA-2j2x-hx4g-2gf4 |
In the Bouncy Castle JCE Provider version 1.55 and earlier the DHIES implementation allowed the use of ECB mode. This mode is regarded as unsafe and support for it has been removed from the provider. | There are no reported fixed by versions. |
|
VCID-ftzy-9uny-byfb
Aliases: CVE-2018-16887 GHSA-mhhc-r88h-2qrm |
Cross-site Scripting A cross-site scripting (XSS) flaw was found in the katello component of Satellite. An attacker with privilege to create/edit organizations and locations is able to execute a XSS attacks against other users through the Subscriptions or the Red Hat Repositories wizards. This can possibly lead to malicious code execution and extraction of the anti-CSRF token of higher privileged users. Versions before `3.9.0` are vulnerable. | There are no reported fixed by versions. |
|
VCID-hmcs-7s53-mbft
Aliases: CVE-2019-3893 |
foreman: Recover of plaintext password or token for the compute resources | There are no reported fixed by versions. |
|
VCID-jae8-w85w-cyfu
Aliases: CVE-2018-7537 GHSA-2f9x-5v75-3qv4 PYSEC-2018-6 |
An issue was discovered in Django 2.0 before 2.0.3, 1.11 before 1.11.11, and 1.8 before 1.8.19. If django.utils.text.Truncator's chars() and words() methods were passed the html=True argument, they were extremely slow to evaluate certain inputs due to a catastrophic backtracking vulnerability in a regular expression. The chars() and words() methods are used to implement the truncatechars_html and truncatewords_html template filters, which were thus vulnerable. | There are no reported fixed by versions. |
|
VCID-jr7u-m7gc-pydy
Aliases: CVE-2016-1000339 GHSA-c8xf-m4ff-jcxj |
In the Bouncy Castle JCE Provider version 1.55 and earlier the primary engine class used for AES was AESFastEngine. Due to the highly table driven approach used in the algorithm it turns out that if the data channel on the CPU can be monitored the lookup table accesses are sufficient to leak information on the AES key being used. There was also a leak in AESEngine although it was substantially less. AESEngine has been modified to remove any signs of leakage (testing carried out on Intel X86-64) and is now the primary AES class for the BC JCE provider from 1.56. Use of AESFastEngine is now only recommended where otherwise deemed appropriate. | There are no reported fixed by versions. |
|
VCID-jua2-2byr-t3cv
Aliases: CVE-2016-1000338 GHSA-4vhj-98r6-424h |
In Bouncy Castle JCE Provider version 1.55 and earlier the DSA does not fully validate ASN.1 encoding of signature on verification. It is possible to inject extra elements in the sequence making up the signature and still have it validate, which in some cases may allow the introduction of 'invisible' data into a signed structure. | There are no reported fixed by versions. |
|
VCID-ka8b-44hx-mkc5
Aliases: CVE-2016-1000352 GHSA-w285-wf9q-5w69 |
In the Bouncy Castle JCE Provider version 1.55 and earlier the ECIES implementation allowed the use of ECB mode. This mode is regarded as unsafe and support for it has been removed from the provider. | There are no reported fixed by versions. |
|
VCID-kwyu-yq4w-kqe4
Aliases: CVE-2018-10237 GHSA-mvr2-9pj6-7w5j |
Unbounded memory allocation in Google Guava 11.0 through 24.x before 24.1.1 allows remote attackers to conduct denial of service attacks against servers that depend on this library and deserialize attacker-provided data, because the AtomicDoubleArray class (when serialized with Java serialization) and the CompoundOrdering class (when serialized with GWT serialization) perform eager allocation without appropriate checks on what a client has sent and whether the data size is reasonable. | There are no reported fixed by versions. |
|
VCID-m29v-624x-kkha
Aliases: CVE-2019-3891 |
candlepin: credentials exposure through log files | There are no reported fixed by versions. |
|
VCID-mv1p-yxvp-pbh6
Aliases: CVE-2018-7536 GHSA-r28v-mw67-m5p9 PYSEC-2018-5 |
An issue was discovered in Django 2.0 before 2.0.3, 1.11 before 1.11.11, and 1.8 before 1.8.19. The django.utils.html.urlize() function was extremely slow to evaluate certain inputs due to catastrophic backtracking vulnerabilities in two regular expressions (only one regular expression for Django 1.8.x). The urlize() function is used to implement the urlize and urlizetrunc template filters, which were thus vulnerable. | There are no reported fixed by versions. |
|
VCID-mv26-fzn6-vycf
Aliases: CVE-2017-17718 GHSA-m7p8-9w66-9frm |
No validation of hostname certificate Net-ldap does not validate the hostname certificate. Ruby is relying on OpenSSL, and one common mistake made by users of OpenSSL is to assume that OpenSSL will validate the hostname in the server's certificate. did not perform hostname validation. and up contain support for hostname validation, but they still require the user to call a few functions to set it up. | There are no reported fixed by versions. |
|
VCID-mwus-fmc5-27f2
Aliases: CVE-2017-12175 |
6: XSS in discovery rule filter autocomplete functionality | There are no reported fixed by versions. |
|
VCID-nmya-eyxd-9ybe
Aliases: CVE-2018-1000632 GHSA-6pcc-3rfx-4gpm |
dom4j version prior to version 2.1.1 contains a CWE-91: XML Injection vulnerability in Class: Element. Methods: addElement, addAttribute that can result in an attacker tampering with XML documents through XML injection. This attack appear to be exploitable via an attacker specifying attributes or elements in the XML document. This vulnerability appears to have been fixed in 2.1.1 or later. | There are no reported fixed by versions. |
|
VCID-pd7m-bhqf-kkge
Aliases: CVE-2017-7536 GHSA-xxgp-pcfc-3vgc |
In Hibernate Validator 5.2.x before 5.2.5 final, 5.3.x, and 5.4.x, it was found that when the security manager's reflective permissions, which allows it to access the private members of the class, are granted to Hibernate Validator, a potential privilege escalation can occur. By allowing the calling code to access those private members without the permission an attacker may be able to validate an invalid instance and access the private member value via ConstraintViolation#getInvalidValue(). | There are no reported fixed by versions. |
|
VCID-pyr1-73vu-93ej
Aliases: CVE-2018-14664 |
foreman: Persisted XSS on all pages that use breadcrumbs | There are no reported fixed by versions. |
|
VCID-qr8s-5r61-skhw
Aliases: CVE-2016-1000345 GHSA-9gp4-qrff-c648 |
In the Bouncy Castle JCE Provider version 1.55 and earlier the DHIES/ECIES CBC mode vulnerable to padding oracle attack. For BC 1.55 and older, in an environment where timings can be easily observed, it is possible with enough observations to identify when the decryption is failing due to padding. | There are no reported fixed by versions. |
|
VCID-rnuk-n3a6-cbh9
Aliases: CVE-2018-16861 |
foreman: stored XSS in success notification after entity creation | There are no reported fixed by versions. |
|
VCID-sg6x-y34w-37bc
Aliases: CVE-2018-1090 |
pulp: sensitive credentials revealed through the API | There are no reported fixed by versions. |
|
VCID-sw69-1r7d-kkht
Aliases: CVE-2018-16470 GHSA-hg78-4f6x-99wq |
Uncontrolled Resource Consumption There is a possible DoS vulnerability in the multipart parser in Rack. Specially crafted requests can cause the multipart parser to enter a pathological state, causing the parser to use CPU resources disproportionate to the request size. | There are no reported fixed by versions. |
|
VCID-tnen-a68v-9bfk
Aliases: CVE-2016-1000343 GHSA-rrvx-pwf8-p59p |
In the Bouncy Castle JCE Provider version 1.55 and earlier the DSA key pair generator generates a weak private key if used with default values. If the JCA key pair generator is not explicitly initialised with DSA parameters, 1.55 and earlier generates a private value assuming a 1024 bit key size. In earlier releases this can be dealt with by explicitly passing parameters to the key pair generator. | There are no reported fixed by versions. |
|
VCID-w543-qxxs-f7g7
Aliases: CVE-2018-5382 GHSA-8477-3v39-ggpm |
The default BKS keystore use an HMAC that is only 16 bits long, which can allow an attacker to compromise the integrity of a BKS keystore. Bouncy Castle release 1.47 changes the BKS format to a format which uses a 160 bit HMAC instead. This applies to any BKS keystore generated prior to BC 1.47. For situations where people need to create the files for legacy reasons a specific keystore type "BKS-V1" was introduced in 1.49. It should be noted that the use of "BKS-V1" is discouraged by the library authors and should only be used where it is otherwise safe to do so, as in where the use of a 16 bit checksum for the file integrity check is not going to cause a security issue in itself. | There are no reported fixed by versions. |
|
VCID-wbgc-tuj3-47by
Aliases: CVE-2016-6346 GHSA-wxvr-vqfp-9cqw |
Uncontrolled Resource Consumption RESTEasy enables `GZIPInterceptor`, which allows remote attackers to cause a denial of service via unspecified vectors. | There are no reported fixed by versions. |
|
VCID-wnjy-ggeb-eqcn
Aliases: CVE-2017-10690 |
puppet: Environment leakage in puppet-agent | There are no reported fixed by versions. |
|
VCID-wucb-ckae-97aq
Aliases: CVE-2018-10917 GHSA-574p-6fw4-4hw8 |
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') pulp 2.16.x and possibly older is vulnerable to an improper path parsing. A malicious user or a malicious iso feed repository can write to locations accessible to the 'apache' user. This may lead to overwrite of published content on other iso repositories. | There are no reported fixed by versions. |
|
VCID-xzbt-bkdp-8bgh
Aliases: CVE-2016-1000346 GHSA-fjqm-246c-mwqg |
In the Bouncy Castle JCE Provider version 1.55 and earlier the other party DH public key is not fully validated. This can cause issues as invalid keys can be used to reveal details about the other party's private key where static Diffie-Hellman is in use. As of release 1.56 the key parameters are checked on agreement calculation. | There are no reported fixed by versions. |
|
VCID-z6er-42pm-7ubq
Aliases: CVE-2019-0231 GHSA-5h29-qq92-wj7f |
Cleartext Transmission of Sensitive Information in Apache MINA Handling of the close_notify SSL/TLS message does not lead to a connection closure, leading the server to retain the socket opened and to have the client potentially receive clear text messages afterward. Mitigation: 2.0.20 users should migrate to 2.0.21, 2.1.0 users should migrate to 2.1.1. This issue affects: Apache MINA. | There are no reported fixed by versions. |
|
VCID-zx5n-czhy-6qgu
Aliases: CVE-2019-12387 GHSA-6cc5-2vg4-cc7m PYSEC-2019-128 |
In Twisted before 19.2.1, twisted.web did not validate or sanitize URIs or HTTP methods, allowing an attacker to inject invalid characters such as CRLF. | There are no reported fixed by versions. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||