Vulnerabilities > Redhat > Ansible Tower
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-05-06 | CVE-2018-10767 | Out-of-bounds Read vulnerability in multiple products There is a stack-based buffer over-read in calling GLib in the function gxps_images_guess_content_type of gxps-images.c in libgxps through 0.3.0 because it does not reject negative return values from a g_input_stream_read call. | 4.3 |
| 2018-05-04 | CVE-2018-10733 | Out-of-bounds Read vulnerability in multiple products There is a heap-based buffer over-read in the function ft_font_face_hash of gxps-fonts.c in libgxps through 0.3.0. | 4.3 |
| 2018-05-02 | CVE-2018-1104 | Code Injection vulnerability in Redhat Ansible Tower and Cloudforms Ansible Tower through version 3.2.3 has a vulnerability that allows users only with access to define variables for a job template to execute arbitrary code on the Tower server. | 6.5 |
| 2018-05-02 | CVE-2018-1101 | Weak Password Requirements vulnerability in Redhat Ansible Tower and Cloudforms Ansible Tower before version 3.2.4 has a flaw in the management of system and organization administrators that allows for privilege escalation. | 6.5 |