| 2018-04-16 | CVE-2016-9593 | Credentials Management vulnerability in multiple products
foreman-debug before version 1.15.0 is vulnerable to a flaw in foreman-debug's logging. | 8.8 |
| 2018-04-04 | CVE-2018-1097 | A flaw was found in foreman before 1.16.1. | 8.8 |
| 2018-03-14 | CVE-2018-1077 | XXE vulnerability in Redhat Satellite and Spacewalk
Spacewalk 2.6 contains an API which has an XXE flaw allowing for the disclosure of potentially sensitive information from the server. | 7.5 |
| 2018-03-12 | CVE-2017-2667 | Improper Certificate Validation vulnerability in multiple products
Hammer CLI, a CLI utility for Foreman, before version 0.10.0, did not explicitly set the verify_ssl flag for apipie-bindings that disable it by default. | 8.1 |
| 2018-01-18 | CVE-2018-2639 | Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). | 8.3 |
| 2018-01-18 | CVE-2018-2638 | Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). | 8.3 |
| 2018-01-18 | CVE-2018-2637 | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JMX). | 7.4 |
| 2018-01-18 | CVE-2018-2633 | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). | 8.3 |
| 2018-01-18 | CVE-2018-2627 | Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Installer). | 7.5 |
| 2018-01-10 | CVE-2017-7536 | Unsafe Reflection vulnerability in Redhat products
In Hibernate Validator 5.2.x before 5.2.5 final, 5.3.x, and 5.4.x, it was found that when the security manager's reflective permissions, which allows it to access the private members of the class, are granted to Hibernate Validator, a potential privilege escalation can occur. | 7.0 |