Improper Path Parsing Vulnerability in Pulp 2.16.x and Older

Improper Path Parsing Vulnerability in Pulp 2.16.x and Older

CVE-2018-10917 · MEDIUM Severity

AV:N/AC:L/AU:S/C:N/I:P/A:N

pulp 2.16.x and possibly older is vulnerable to an improper path parsing. A malicious user or a malicious iso feed repository can write to locations accessible to the 'apache' user. This may lead to overwrite of published content on other iso repositories.

Learn more about our Cis Benchmark Audit For Apache Http Server.