Security Advisory

CVE-2018-10917

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2018-08-15 17:00:00

Last updated 2024-08-05 07:54:35

Assigner redhat

State PUBLISHED

Description

pulp 2.16.x and possibly older is vulnerable to an improper path parsing. A malicious user or a malicious iso feed repository can write to locations accessible to the apache user. This may lead to overwrite of published content on other iso repositories.

← Browse all CVEs View on cve.org ↗