📦 Satellite

by Red Hat

⚠️ Known Vulnerabilities

CVE-2024-7012

CRITICAL CVSS 9.8 Sep 4, 2024

An authentication bypass vulnerability in Foreman with External Authentication allows attackers to gain administrative access by exploiting Apache mod_proxy's handling of HTTP headers with underscores...

CVE-2023-0118

CRITICAL CVSS 9.1 Sep 20, 2023

This vulnerability allows admin users in Foreman to bypass safe mode restrictions in templates, enabling arbitrary code execution on the underlying operating system. It affects Foreman installations w...

CVE-2023-44487

HIGH CVSS 7.5 Oct 10, 2023

CVE-2023-44487 is an HTTP/2 protocol vulnerability that allows attackers to cause denial of service by rapidly resetting streams, consuming server resources. This affects any system using HTTP/2, incl...

CVE-2021-3584

HIGH CVSS 7.2 Dec 23, 2021

CVE-2021-3584 is a server-side remote code execution vulnerability in Foreman that allows authenticated attackers to inject malicious commands through Sendmail configuration options. This enables atta...

CVE-2021-44420

HIGH CVSS 7.3 Dec 8, 2021

This Django vulnerability allows attackers to bypass URL-based access controls by appending trailing newlines to HTTP request URLs. Attackers could access restricted resources that should be protected...

CVE-2020-14380

HIGH CVSS 7.5 Jun 2, 2021

This vulnerability allows attackers with valid external authentication (SSO or OpenID) to impersonate existing local users in Red Hat Satellite, gaining their privileges. It affects Red Hat Satellite ...

CVE-2024-4812

MEDIUM CVSS 4.8 Jun 5, 2024

This vulnerability allows stored cross-site scripting (XSS) attacks in the Katello plugin for Foreman. Attackers can inject malicious JavaScript into user description fields, which executes when victi...