Medium severity5.5OSV Advisory· Published Jun 8, 2017· Updated Jun 17, 2026
CVE-2016-3095
CVE-2016-3095
Description
server/bin/pulp-gen-ca-certificate in Pulp before 2.8.2 allows local users to read the generated private key.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4build-0.0.332, build-0.0.333, build-0.0.334, …+ 1 more
- (no CPE)range: build-0.0.332, build-0.0.333, build-0.0.334, …
- cpe:2.3:a:pulpproject:pulp:*:*:*:*:*:*:*:*range: <=2.8.1
- cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
5- github.com/pulp/pulp/pull/2503/commits/9f969b94c4b4f310865455d36db207de6cffebcanvdPatchThird Party Advisory
- bugzilla.redhat.com/show_bug.cginvdExploitIssue TrackingPatchThird Party AdvisoryVDB Entry
- lists.fedoraproject.org/pipermail/package-announce/2016-April/182006.htmlnvdThird Party Advisory
- www.openwall.com/lists/oss-security/2016/04/06/3nvdMailing ListThird Party Advisory
- www.openwall.com/lists/oss-security/2016/04/18/11nvdMailing ListThird Party Advisory
News mentions
0No linked articles in our index yet.