Ansible Tower

DATE	CVE	VULNERABILITY TITLE	RISK
2018-07-28	CVE-2018-14680	Improper Input Validation vulnerability in multiple products An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. network cabextract cabextract-project debian canonical redhat CWE-20	4.3
2018-07-28	CVE-2018-14679	Off-by-one Error vulnerability in multiple products An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. network cabextract cabextract-project canonical debian redhat CWE-193	4.3
2018-07-27	CVE-2017-12148	Improper Input Validation vulnerability in Redhat Ansible Tower and Cloudforms A flaw was found in Ansible Tower's interface before 3.1.5 and 3.2.0 with SCM repositories. network low complexity redhat CWE-20 critical	9.0
2018-07-25	CVE-2018-13988	Out-of-bounds Read vulnerability in multiple products Poppler through 0.62 contains an out of bounds read vulnerability due to an incorrect memory access that is not mapped in its memory space, as demonstrated by pdfunite. network freedesktop canonical debian redhat CWE-125	4.3
2018-07-05	CVE-2018-12910	Out-of-bounds Read vulnerability in multiple products The get_cookies function in soup-cookie-jar.c in libsoup 2.63.2 allows attackers to have unspecified impact via an empty hostname. network low complexity gnome canonical debian redhat opensuse CWE-125 critical	9.8
2018-06-19	CVE-2018-1061	python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in the difflib.IS_LINE_JUNK method. network low complexity python debian redhat canonical fedoraproject	7.5
2018-06-18	CVE-2018-1060	python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in pop3lib's apop() method. network low complexity python fedoraproject canonical redhat debian	7.5
2018-06-13	CVE-2018-0495	Information Exposure Through Discrepancy vulnerability in multiple products Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a memory-cache side-channel attack on ECDSA signatures that can be mitigated through the use of blinding during the signing process in the _gcry_ecc_ecdsa_sign function in cipher/ecc-ecdsa.c, aka the Return Of the Hidden Number Problem or ROHNP. local high complexity gnupg canonical debian redhat oracle CWE-203	4.7
2018-05-10	CVE-2017-18267	Infinite Loop vulnerability in multiple products The FoFiType1C::cvtGlyph function in fofi/FoFiType1C.cc in Poppler through 0.64.0 allows remote attackers to cause a denial of service (infinite recursion) via a crafted PDF file, as demonstrated by pdftops. network freedesktop canonical redhat debian CWE-835	4.3
2018-05-06	CVE-2018-10768	NULL Pointer Dereference vulnerability in multiple products There is a NULL pointer dereference in the AnnotPath::getCoordsLength function in Annot.h in an Ubuntu package for Poppler 0.24.5. network freedesktop canonical debian redhat CWE-476	4.3