pulp-consumer-client 2.4.0 up to and including 2.6.3 does not check the server's TLS certificate signatures when retrieving the server's public key upon registration.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
pulpproject pulp 2.4.0 |
||
pulpproject pulp 2.4.2 |
||
pulpproject pulp 2.4.4 |
||
pulpproject pulp 2.4.1 |
||
pulpproject pulp 2.4.3 |
||
pulpproject pulp 2.5.1 |
||
pulpproject pulp 2.5.2 |
||
pulpproject pulp 2.5.3 |
||
pulpproject pulp 2.5.0 |
||
pulpproject pulp 2.6.2 |
||
pulpproject pulp 2.6.3 |
||
pulpproject pulp 2.6.0 |
||
pulpproject pulp 2.6.1 |