Search Results (31 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2024-7012 1 Redhat 4 Satellite, Satellite Capsule, Satellite Maintenance and 1 more 2025-11-11 9.8 Critical
An authentication bypass vulnerability has been identified in Foreman when deployed with External Authentication, due to the puppet-foreman configuration. This issue arises from Apache's mod_proxy not properly unsetting headers because of restrictions on underscores in HTTP headers, allowing authentication through a malformed header. This flaw impacts all active Satellite deployments (6.13, 6.14 and 6.15) and could potentially enable unauthorized users to gain administrative access.
CVE-2024-4067 3 Jonschlinkert, Micromatch, Redhat 7 Micromatch, Micromatch, Advanced Cluster Security and 4 more 2025-08-04 5.3 Medium
The NPM package `micromatch` prior to 4.0.8 is vulnerable to Regular Expression Denial of Service (ReDoS). The vulnerability occurs in `micromatch.braces()` in `index.js` because the pattern `.*` will greedily match anything. By passing a malicious payload, the pattern matching will keep backtracking to the input while it doesn't find the closing bracket. As the input size increases, the consumption time will also increase until it causes the application to hang or slow down. There was a merged fix but further testing shows the issue persists. This issue should be mitigated by using a safe pattern that won't start backtracking the regular expression due to greedy matching. This issue was fixed in version 4.0.8.
CVE-2022-4130 1 Redhat 3 Satellite, Satellite Capsule, Satellite Utils 2025-04-14 4.5 Medium
A blind site-to-site request forgery vulnerability was found in Satellite server. It is possible to trigger an external interaction to an attacker's server by modifying the Referer header in an HTTP request of specific resources in the server.
CVE-2021-46877 2 Fasterxml, Redhat 15 Jackson-databind, Amq Streams, Camel Spring Boot and 12 more 2025-02-26 7.5 High
jackson-databind 2.10.x through 2.12.x before 2.12.6 and 2.13.x before 2.13.1 allows attackers to cause a denial of service (2 GB transient heap usage per read) in uncommon situations involving JsonNode JDK serialization.
CVE-2023-0462 2 Redhat, Theforeman 4 Satellite, Satellite Capsule, Satellite Utils and 1 more 2024-11-21 8 High
An arbitrary code execution flaw was found in Foreman. This issue may allow an admin user to execute arbitrary code on the underlying operating system by setting global parameters with a YAML payload.
CVE-2023-0119 1 Redhat 5 Enterprise Linux, Satellite, Satellite Capsule and 2 more 2024-11-21 5.4 Medium
A stored Cross-site scripting vulnerability was found in foreman. The Comment section in the Hosts tab has incorrect filtering of user input data. As a result of the attack, an attacker with an existing account on the system can steal another user's session, make requests on behalf of the user, and obtain user credentials.
CVE-2023-0118 2 Redhat, Theforeman 6 Enterprise Linux, Satellite, Satellite Capsule and 3 more 2024-11-21 9.1 Critical
An arbitrary code execution flaw was found in Foreman. This flaw allows an admin user to bypass safe mode in templates and execute arbitrary code on the underlying operating system.
CVE-2022-42003 5 Debian, Fasterxml, Netapp and 2 more 23 Debian Linux, Jackson-databind, Oncommand Workflow Automation and 20 more 2024-11-21 7.5 High
In FasterXML jackson-databind before versions 2.13.4.1 and 2.12.17.1, resource exhaustion can occur because of a lack of a check in primitive value deserializers to avoid deep wrapper array nesting, when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled.
CVE-2022-3874 2 Redhat, Theforeman 4 Satellite, Satellite Capsule, Satellite Utils and 1 more 2024-11-21 8 High
A command injection flaw was found in foreman. This flaw allows an authenticated user with admin privileges on the foreman instance to transpile commands through CoreOS and Fedora CoreOS configurations in templates, possibly resulting in arbitrary command execution on the underlying operating system.
CVE-2021-4142 2 Candlepinproject, Redhat 4 Candlepin, Satellite, Satellite Capsule and 1 more 2024-11-21 5.5 Medium
The Candlepin component of Red Hat Satellite was affected by an improper authentication flaw. Few factors could allow an attacker to use the SCA (simple content access) certificate for authentication with Candlepin.
CVE-2021-3584 2 Redhat, Theforeman 4 Satellite, Satellite Capsule, Satellite Utils and 1 more 2024-11-21 7.2 High
A server side remote code execution vulnerability was found in Foreman project. A authenticated attacker could use Sendmail configuration options to overwrite the defaults and perform command injection. The highest threat from this vulnerability is to confidentiality, integrity and availability of system. Fixed releases are 2.4.1, 2.5.1, 3.0.0.