Vulnerabilities > Redhat > Ansible Tower > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-01-03 | CVE-2018-16879 | Missing Encryption of Sensitive Data vulnerability in Redhat Ansible Tower Ansible Tower before version 3.3.3 does not set a secure channel as it is using the default insecure configuration channel settings for messaging celery workers from RabbitMQ. | 9.8 |
2018-10-06 | CVE-2018-17456 | Argument Injection or Modification vulnerability in multiple products Git before 2.14.5, 2.15.x before 2.15.3, 2.16.x before 2.16.5, 2.17.x before 2.17.2, 2.18.x before 2.18.1, and 2.19.x before 2.19.1 allows remote code execution during processing of a recursive "git clone" of a superproject if a .gitmodules file has a URL field beginning with a '-' character. | 9.8 |
2018-08-01 | CVE-2015-9262 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products _XcursorThemeInherits in library.c in libXcursor before 1.1.15 allows remote attackers to cause denial of service or potentially code execution via a one-byte heap overflow. | 9.8 |
2018-07-05 | CVE-2018-12910 | Out-of-bounds Read vulnerability in multiple products The get_cookies function in soup-cookie-jar.c in libsoup 2.63.2 allows attackers to have unspecified impact via an empty hostname. | 9.8 |