CVE-2015-5153

Pulp does not remove permissions for named objects upon deletion, which allows authenticated users to gain the privileges of a deleted object via creating an object with the same name. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt