Vulnerabilities > Redhat > Ansible Tower > 3.0.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-22 | CVE-2021-3583 | Code Injection vulnerability in Redhat Ansible Automation Platform and Ansible Tower A flaw was found in Ansible, where a user's controller is vulnerable to template injection. | 7.1 |
| 2021-05-27 | CVE-2020-14327 | Unspecified vulnerability in Redhat Ansible Tower A Server-side request forgery (SSRF) flaw was found in Ansible Tower in versions before 3.6.5 and before 3.7.2. | 5.5 |
| 2021-05-27 | CVE-2020-14328 | Unspecified vulnerability in Redhat Ansible Tower A flaw was found in Ansible Tower in versions before 3.7.2. | 3.3 |
| 2021-05-27 | CVE-2020-14329 | Unspecified vulnerability in Redhat Ansible Tower A data exposure flaw was found in Ansible Tower in versions before 3.7.2, where sensitive data can be exposed from the /api/v2/labels/ endpoint. | 3.3 |
| 2021-05-27 | CVE-2020-10697 | Unspecified vulnerability in Redhat Ansible Tower A flaw was found in Ansible Tower when running Openshift. | 4.4 |
| 2021-05-27 | CVE-2020-10698 | Unspecified vulnerability in Redhat Ansible Tower A flaw was found in Ansible Tower when running jobs. | 3.3 |
| 2021-05-27 | CVE-2020-10709 | Insufficient Session Expiration vulnerability in Redhat Ansible Tower A security flaw was found in Ansible Tower when requesting an OAuth2 token with an OAuth2 application. | 7.1 |
| 2021-04-01 | CVE-2021-3447 | A flaw was found in several ansible modules, where parameters containing credentials, such as secrets, were being logged in plain-text on managed nodes, as well as being made visible on the controller node when run in verbose mode. | 5.5 |
| 2021-03-09 | CVE-2021-20253 | Unspecified vulnerability in Redhat Ansible Tower A flaw was found in ansible-tower. | 6.7 |
| 2020-05-11 | CVE-2020-10685 | Incomplete Cleanup vulnerability in multiple products A flaw was found in Ansible Engine affecting Ansible Engine versions 2.7.x before 2.7.17 and 2.8.x before 2.8.11 and 2.9.x before 2.9.7 as well as Ansible Tower before and including versions 3.4.5 and 3.5.5 and 3.6.3 when using modules which decrypts vault files such as assemble, script, unarchive, win_copy, aws_s3 or copy modules. | 5.5 |