Devan Goodwin

1 exploit Active since Apr 2013
CVE-2012-6119 WRITEUP WRITEUP
Candlepin < 0.7.24 - Manifest Signature Validation Bypass
Candlepin before 0.7.24, as used in Red Hat Subscription Asset Manager before 1.2.1, does not properly check manifest signatures, which allows local users to modify manifests.