Candlepin
Sign in to watchSource repositories
CVEs (2)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2015-5187 | Med | 0.42 | 6.5 | 0.00 | Jul 25, 2017 | Candlepin allows remote attackers to obtain sensitive information by obtaining Java exception statements as a result of excessive web traffic. | |
| CVE-2012-6119 | 0.00 | — | 0.00 | Apr 2, 2013 | Candlepin before 0.7.24, as used in Red Hat Subscription Asset Manager before 1.2.1, does not properly check manifest signatures, which allows local users to modify manifests. |