Subscription Asset Manager Red Hat Subscription Asset Manager

Do you want an email whenever new security vulnerabilities are reported in Red Hat Subscription Asset Manager?

By the Year

In 2022 there have been 0 vulnerabilities in Red Hat Subscription Asset Manager . Subscription Asset Manager did not have any published security vulnerabilities last year.

Year Vulnerabilities Average Score
2022 0 0.00
2021 0 0.00
2020 1 7.50
2019 2 6.50
2018 0 0.00

It may take a day or so for new Subscription Asset Manager vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Red Hat Subscription Asset Manager Security Vulnerabilities

Nokogiri before 1.5.4 is vulnerable to XXE attacks

CVE-2012-6685 7.5 - High - February 19, 2020

Nokogiri before 1.5.4 is vulnerable to XXE attacks

XEE

Nokogiri gem 1.5.x and 1.6.x has DoS while parsing XML entities by failing to apply limits

CVE-2013-6461 6.5 - Medium - November 05, 2019

Nokogiri gem 1.5.x and 1.6.x has DoS while parsing XML entities by failing to apply limits

XEE

Nokogiri gem 1.5.x has Denial of Service

CVE-2013-6460 6.5 - Medium - November 05, 2019

Nokogiri gem 1.5.x has Denial of Service via infinite loop when parsing XML documents

XEE

Red Hat JBoss A-MQ 6.x; BPM Suite (BPMS) 6.x; BRMS 6.x and 5.x; Data Grid (JDG) 6.x; Data Virtualization (JDV) 6.x and 5.x; Enterprise Application Platform 6.x, 5.x, and 4.3.x; Fuse 6.x; Fuse Service Works (FSW) 6.x; Operations Network (JBoss ON) 3.x; Portal 6.x; SOA Platform (SOA-P) 5.x; Web Server (JWS) 3.x; Red Hat OpenShift/xPAAS 3.x; and Red Hat Subscription Asset Manager 1.3

CVE-2015-7501 9.8 - Critical - November 09, 2017

Red Hat JBoss A-MQ 6.x; BPM Suite (BPMS) 6.x; BRMS 6.x and 5.x; Data Grid (JDG) 6.x; Data Virtualization (JDV) 6.x and 5.x; Enterprise Application Platform 6.x, 5.x, and 4.3.x; Fuse 6.x; Fuse Service Works (FSW) 6.x; Operations Network (JBoss ON) 3.x; Portal 6.x; SOA Platform (SOA-P) 5.x; Web Server (JWS) 3.x; Red Hat OpenShift/xPAAS 3.x; and Red Hat Subscription Asset Manager 1.3 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library.

Marshaling, Unmarshaling

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Red Hat Xpaas or by Red Hat? Click the Watch button to subscribe.

Red Hat
Vendor

subscribe