Vulnerabilities > Redhat > Spacewalk Java > 2.1.147.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2014-04-15 | CVE-2010-2236 | Improper Input Validation vulnerability in Redhat Network Proxy, Satellite and Spacewalk-Java The monitoring probe display in spacewalk-java before 2.1.148-1 and Red Hat Network (RHN) Satellite 4.0.0 through 4.2.0 and 5.1.0 through 5.3.0, and Proxy 5.3.0, allows remote authenticated users with permissions to administer monitoring probes to execute arbitrary code via unspecified vectors, related to backticks. | 6.0 |
2014-04-01 | CVE-2013-1869 | Improper Input Validation vulnerability in Redhat Satellite and Spacewalk-Java CRLF injection vulnerability in spacewalk-java before 2.1.148-1 and Red Hat Network (RHN) Satellite 5.6 allows remote attackers to inject arbitrary HTTP headers, and conduct HTTP response splitting attacks and cross-site scripting (XSS) attacks, via the return_url parameter. | 4.3 |