Vulnerabilities > Redhat
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-03-16 | CVE-2020-1735 | A flaw was found in the Ansible Engine when the fetch module is used. | 4.6 |
| 2020-03-16 | CVE-2020-1753 | A security flaw was found in Ansible Engine, all Ansible 2.7.x versions prior to 2.7.17, all Ansible 2.8.x versions prior to 2.8.11 and all Ansible 2.9.x versions prior to 2.9.7, when managing kubernetes using the k8s module. | 5.5 |
| 2020-03-16 | CVE-2019-14887 | Unspecified vulnerability in Redhat products A flaw was found when an OpenSSL security provider is used with Wildfly, the 'enabled-protocols' value in the Wildfly configuration isn't honored. | 9.1 |
| 2020-03-12 | CVE-2020-10531 | Integer Overflow or Wraparound vulnerability in multiple products An issue was discovered in International Components for Unicode (ICU) for C/C++ through 66.1. network low complexity icu-project redhat google fedoraproject debian canonical opensuse oracle nodejs CWE-190 | 8.8 |
| 2020-03-12 | CVE-2020-1739 | A flaw was found in Ansible 2.7.16 and prior, 2.8.8 and prior, and 2.9.5 and prior when a password is set with the argument "password" of svn module, it is used on svn command line, disclosing to other users within the same node. | 3.9 |
| 2020-03-11 | CVE-2020-1733 | Race Condition vulnerability in multiple products A race condition flaw was found in Ansible Engine 2.7.17 and prior, 2.8.9 and prior, 2.9.6 and prior when running a playbook with an unprivileged become user. | 5.0 |
| 2020-03-11 | CVE-2011-2487 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products The implementations of PKCS#1 v1.5 key transport mechanism for XMLEncryption in JBossWS and Apache WSS4J before 1.6.5 is susceptible to a Bleichenbacher attack. | 5.9 |
| 2020-03-10 | CVE-2012-1094 | Information Exposure vulnerability in Redhat Jboss Application Server JBoss AS 7 prior to 7.1.1 and mod_cluster do not handle default hostname in the same way, which can cause the excluded-contexts list to be mismatched and the root context to be exposed. | 7.5 |
| 2020-03-09 | CVE-2020-1737 | Path Traversal vulnerability in Redhat Ansible Tower A flaw was found in Ansible 2.7.17 and prior, 2.8.9 and prior, and 2.9.6 and prior when using the Extract-Zip function from the win_unzip module as the extracted file(s) are not checked if they belong to the destination folder. | 7.8 |
| 2020-03-09 | CVE-2020-1706 | Unspecified vulnerability in Redhat Openshift Container Platform It has been found that in openshift-enterprise version 3.11 and openshift-enterprise versions 4.1 up to, including 4.3, multiple containers modify the permissions of /etc/passwd to make them modifiable by users other than root. | 7.0 |