Vulnerabilities > Redhat > Spacewalk > 1.6
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-02-17 | CVE-2020-1693 | XXE vulnerability in Redhat Spacewalk 1.6/2.6/2.9 A flaw was found in Spacewalk up to version 2.9 where it was vulnerable to XML internal entity attacks via the /rpc/api endpoint. | 9.8 |
2019-07-02 | CVE-2019-10137 | Path Traversal vulnerability in Redhat Satellite and Spacewalk A path traversal flaw was found in spacewalk-proxy, all versions through 2.9, in the way the proxy processes cached client tokens. | 9.8 |
2019-07-02 | CVE-2019-10136 | Improper Verification of Cryptographic Signature vulnerability in Redhat Satellite and Spacewalk It was found that Spacewalk, all versions through 2.9, did not safely compute client token checksums. | 4.3 |
2014-02-05 | CVE-2011-1594 | Improper Input Validation vulnerability in Redhat Network Satellite and Spacewalk Open redirect vulnerability in Spacewalk 1.6, as used in Red Hat Network (RHN) Satellite, allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the url_bounce parameter. | 5.8 |