Vulnerabilities > Candlepinproject

DATE CVE VULNERABILITY TITLE RISK
2023-10-04 CVE-2023-1832 Incorrect Authorization vulnerability in multiple products
An improper access control flaw was found in Candlepin.
network
low complexity
candlepinproject redhat CWE-863
8.1
2022-08-24 CVE-2021-4142 Unspecified vulnerability in Candlepinproject Candlepin
The Candlepin component of Red Hat Satellite was affected by an improper authentication flaw.
local
low complexity
candlepinproject
5.5
2017-07-25 CVE-2015-5187 Resource Management Errors vulnerability in Candlepinproject Candlepin
Candlepin allows remote attackers to obtain sensitive information by obtaining Java exception statements as a result of excessive web traffic.
network
low complexity
candlepinproject CWE-399
6.5