VYPR

Pulpcore

by Pulpcore

CVEs (1)

  • CVE-2024-7923CriSep 4, 2024
    risk 0.64cvss 9.8epss 0.01

    An authentication bypass vulnerability has been identified in Pulpcore when deployed with Gunicorn versions prior to 22.0, due to the puppet-pulpcore configuration. This issue arises from Apache's mod_proxy not properly unsetting headers because of restrictions on underscores in…