Max CVSS | 7.5 | Min CVSS | 5.0 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2018-10869 | 5.0 |
redhat-certification does not properly restrict files that can be download through the /download page. A remote attacker may download any file accessible by the user running httpd.
|
13-02-2023 - 04:51 | 19-07-2018 - 22:29 | |
CVE-2018-10864 | 5.0 |
An uncontrolled resource consumption flaw has been discovered in redhat-certification in the way documents are loaded. A remote attacker may provide an existing but invalid XML file which would be opened and never closed, possibly producing a Denial
|
13-02-2023 - 04:51 | 13-08-2018 - 17:29 | |
CVE-2018-10870 | 7.5 |
redhat-certification does not properly sanitize paths in rhcertStore.py:__saveResultsFile. A remote attacker could use this flaw to overwrite any file, potentially gaining remote code execution.
|
09-10-2019 - 23:33 | 19-07-2018 - 22:29 |