Skip to main content

Candlepin

3 CVEs product

Monthly

CVE-2023-1832 HIGH PATCH This Week

An improper access control flaw was found in Candlepin. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Candlepin Satellite
NVD
CVSS 3.1
8.1
EPSS
0.5%
CVE-2015-5187 MEDIUM This Month

Candlepin allows remote attackers to obtain sensitive information by obtaining Java exception statements as a result of excessive web traffic. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Java Information Disclosure Candlepin
NVD
CVSS 3.0
6.5
EPSS
0.3%
CVE-2012-6119 LOW Monitor

Candlepin before 0.7.24, as used in Red Hat Subscription Asset Manager before 1.2.1, does not properly check manifest signatures, which allows local users to modify manifests. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.

Red Hat Privilege Escalation Candlepin Subscription Asset Manager
NVD GitHub
CVSS 2.0
2.1
EPSS
0.1%
EPSS 0% CVSS 8.1
HIGH PATCH This Week

An improper access control flaw was found in Candlepin. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Candlepin Satellite
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

Candlepin allows remote attackers to obtain sensitive information by obtaining Java exception statements as a result of excessive web traffic. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Java Information Disclosure Candlepin
NVD
EPSS 0% CVSS 2.1
LOW Monitor

Candlepin before 0.7.24, as used in Red Hat Subscription Asset Manager before 1.2.1, does not properly check manifest signatures, which allows local users to modify manifests. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.

Red Hat Privilege Escalation Candlepin +1
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy