| 2023-12-18 | CVE-2023-4320 | Insufficient Session Expiration vulnerability in Redhat Satellite
An arithmetic overflow flaw was found in Satellite when creating a new personal access token. | 7.5 |
| 2022-09-29 | CVE-2015-1931 | Cleartext Storage of Sensitive Information vulnerability in multiple products
IBM Java Security Components in IBM SDK, Java Technology Edition 8 before SR1 FP10, 7 R1 before SR3 FP10, 7 before SR9 FP10, 6 R1 before SR8 FP7, 6 before SR16 FP7, and 5.0 before SR16 FP13 stores plaintext information in memory dumps, which allows local users to obtain sensitive information by reading a file. | 5.5 |
| 2019-04-11 | CVE-2019-3845 | Unspecified vulnerability in Redhat Satellite
A lack of access control was found in the message queues maintained by Satellite's QPID broker and used by katello-agent in versions before Satellite 6.2, Satellite 6.1 optional and Satellite Capsule 6.1. | 8.0 |
| 2018-10-17 | CVE-2018-3214 | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Sound). | 5.3 |
| 2018-10-17 | CVE-2018-3180 | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JSSE). | 5.6 |
| 2018-10-17 | CVE-2018-3169 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). | 8.3 |
| 2018-10-17 | CVE-2018-3149 | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). | 8.3 |
| 2018-10-17 | CVE-2018-3139 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). | 3.1 |
| 2018-10-17 | CVE-2018-3136 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). | 3.4 |
| 2018-08-22 | CVE-2017-7513 | Improper Certificate Validation vulnerability in Redhat Satellite
It was found that Satellite 5 configured with SSL/TLS for the PostgreSQL backend failed to correctly validate X.509 server certificate host name fields. | 5.4 |