CVE-2018-14574

Отчет

This issue did not affect the versions of python-django as shipped with Red Hat Update Infrastructure 3 as the vulnerable code was introduced in a newer version of the package. Subscription Asset Manager is now in a reduced support phase receiving only Critical impact security fixes. This issue has been rated as having a security impact of Moderate, and is not currently planned to be addressed in future updates. Although Red Hat Satellite 6 contains the vulnerable component, it is not affected by this flaw since the condition to exploit the vulnerability cannot be satisfied. In Red Hat OpenStack Platform, because the flaw has a lower impact and the fix would require a substantial amount of development, no update will be provided at this time for the RHOSP python-django package.