Skip to main content

Certification

3 CVEs product

Monthly

CVE-2018-10864 MEDIUM This Month

An uncontrolled resource consumption flaw has been discovered in redhat-certification in the way documents are loaded. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Red Hat Denial Of Service Certification
NVD
CVSS 3.0
6.2
EPSS
1.2%
CVE-2018-10870 CRITICAL Act Now

redhat-certification does not properly sanitize paths in rhcertStore.py:__saveResultsFile. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Red Hat RCE Path Traversal Certification
NVD
CVSS 3.0
9.8
EPSS
6.2%
CVE-2018-10869 HIGH This Week

redhat-certification does not properly restrict files that can be download through the /download page. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Red Hat Information Disclosure Path Traversal Certification Enterprise Linux
NVD
CVSS 3.0
7.5
EPSS
2.8%
EPSS 1% CVSS 6.2
MEDIUM This Month

An uncontrolled resource consumption flaw has been discovered in redhat-certification in the way documents are loaded. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Red Hat Denial Of Service Certification
NVD
EPSS 6% CVSS 9.8
CRITICAL Act Now

redhat-certification does not properly sanitize paths in rhcertStore.py:__saveResultsFile. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Red Hat RCE Path Traversal +1
NVD
EPSS 3% CVSS 7.5
HIGH This Week

redhat-certification does not properly restrict files that can be download through the /download page. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Red Hat Information Disclosure Path Traversal +2
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy