RHSA-2018:2927HighCVSS 8.1

Red Hat Security Advisory: Satellite 6.4 security, bug fix, and enhancement update

Published
October 16, 2018
Last Modified
June 27, 2026

🔗 CVE IDs covered (28)

📋 Description

CVE-2015-3208 — hornetq: XXE/SSRF in XPath selector CVE-2015-6644 — bouncycastle: Information disclosure in GCMBlockCipher CVE-2016-1000338 — bouncycastle: DSA does not fully validate ASN.1 encoding during signature verification allowing for injection of unsigned data CVE-2016-1000339 — bouncycastle: Information leak in AESFastEngine class CVE-2016-1000340 — bouncycastle: Carry propagation bug in math.raw.Nat??? class CVE-2016-1000341 — bouncycastle: Information exposure in DSA signature generation via timing attack CVE-2016-1000342 — bouncycastle: ECDSA improper validation of ASN.1 encoding of signature CVE-2016-1000343 — bouncycastle: DSA key pair generator generates a weak private key by default CVE-2016-1000344 — bouncycastle: DHIES implementation allowed the use of ECB mode CVE-2016-1000345 — bouncycastle: DHIES/ECIES CBC modes are vulnerable to padding oracle attack CVE-2016-1000346 — bouncycastle: Other party DH public keys are not fully validated CVE-2016-1000352 — bouncycastle: ECIES implementation allowed the use of ECB mode CVE-2017-5929 — logback: Serialization vulnerability in SocketServer and ServerSocketReceiver CVE-2017-7233 — python-django: Open redirect and possible XSS attack via user-supplied numeric redirect URLs CVE-2017-7536 — hibernate-validator: Privilege escalation when running under the security manager CVE-2017-10689 — puppet: Unpacking of tarballs in tar/mini.rb can create files with insecure permissions CVE-2017-10690 — puppet: Environment leakage in puppet-agent CVE-2017-12175 — 6: XSS in discovery rule filter autocomplete functionality CVE-2017-15095 — jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525) CVE-2017-15100 — foreman: Stored XSS in fact name or value CVE-2018-1090 — pulp: sensitive credentials revealed through the API CVE-2018-1096 — foreman: SQL injection due to improper handling of the widget id parameter CVE-2018-1097 — foreman: Ovirt admin password exposed by foreman API CVE-2018-5382 — bouncycastle: BKS-V1 keystore files vulnerable to trivial hash collisions CVE-2018-6188 — django: Information leakage in AuthenticationForm CVE-2018-7536 — django: Catastrophic backtracking in regular expressions via 'urlize' and 'urlizetrunc' CVE-2018-7537 — django: Catastrophic backtracking in regular expressions via 'truncatechars_html' and 'truncatewords_html' CVE-2018-10237 — guava: Unbounded memory allocation in AtomicDoubleArray and CompoundOrdering classes allow remote attackers to cause a denial of service

🔗 References (117)