Filtered by vendor Redhat Subscriptions
Filtered by product Ansible Tower Subscriptions
Total 130 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2019-9947 2 Python, Redhat 8 Python, Ansible Tower, Enterprise Linux and 5 more 2024-11-21 6.1 Medium
An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.3. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \r\n (specifically in the path component of a URL that lacks a ? character) followed by an HTTP header or a Redis command. This is similar to the CVE-2019-9740 query string issue. This is fixed in: v2.7.17, v2.7.17rc1, v2.7.18, v2.7.18rc1; v3.5.10, v3.5.10rc1, v3.5.8, v3.5.8rc1, v3.5.8rc2, v3.5.9; v3.6.10, v3.6.10rc1, v3.6.11, v3.6.11rc1, v3.6.12, v3.6.9, v3.6.9rc1; v3.7.4, v3.7.4rc1, v3.7.4rc2, v3.7.5, v3.7.5rc1, v3.7.6, v3.7.6rc1, v3.7.7, v3.7.7rc1, v3.7.8, v3.7.8rc1, v3.7.9.
CVE-2019-9924 6 Canonical, Debian, Gnu and 3 more 12 Ubuntu Linux, Debian Linux, Bash and 9 more 2024-11-21 7.8 High
rbash in Bash before 4.4-beta2 did not prevent the shell user from modifying BASH_CMDS, thus allowing the user to execute any command with the permissions of the shell.
CVE-2019-9740 2 Python, Redhat 8 Python, Ansible Tower, Enterprise Linux and 5 more 2024-11-21 6.1 Medium
An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.3. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \r\n (specifically in the query string after a ? character) followed by an HTTP header or a Redis command. This is fixed in: v2.7.17, v2.7.17rc1, v2.7.18, v2.7.18rc1; v3.5.10, v3.5.10rc1, v3.5.8, v3.5.8rc1, v3.5.8rc2, v3.5.9; v3.6.10, v3.6.10rc1, v3.6.11, v3.6.11rc1, v3.6.12, v3.6.9, v3.6.9rc1; v3.7.4, v3.7.4rc1, v3.7.4rc2, v3.7.5, v3.7.5rc1, v3.7.6, v3.7.6rc1, v3.7.7, v3.7.7rc1, v3.7.8, v3.7.8rc1, v3.7.9.
CVE-2019-7665 5 Canonical, Debian, Elfutils Project and 2 more 12 Ubuntu Linux, Debian Linux, Elfutils and 9 more 2024-11-21 5.5 Medium
In elfutils 0.175, a heap-based buffer over-read was discovered in the function elf32_xlatetom in elf32_xlatetom.c in libelf. A crafted ELF input can cause a segmentation fault leading to denial of service (program crash) because ebl_core_note does not reject malformed core file notes.
CVE-2019-7664 2 Elfutils Project, Redhat 9 Elfutils, Ansible Tower, Enterprise Linux and 6 more 2024-11-21 5.5 Medium
In elfutils 0.175, a negative-sized memcpy is attempted in elf_cvt_note in libelf/note_xlate.h because of an incorrect overflow check. Crafted elf input causes a segmentation fault, leading to denial of service (program crash).
CVE-2019-7150 5 Canonical, Debian, Elfutils Project and 2 more 12 Ubuntu Linux, Debian Linux, Elfutils and 9 more 2024-11-21 5.5 Medium
An issue was discovered in elfutils 0.175. A segmentation fault can occur in the function elf64_xlatetom in libelf/elf32_xlatetom.c, due to dwfl_segment_report_module not checking whether the dyn data read from a core file is truncated. A crafted input can cause a program crash, leading to denial-of-service, as demonstrated by eu-stack.
CVE-2019-7149 3 Debian, Elfutils Project, Redhat 4 Debian Linux, Elfutils, Ansible Tower and 1 more 2024-11-21 N/A
A heap-based buffer over-read was discovered in the function read_srclines in dwarf_getsrclines.c in libdw in elfutils 0.175. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by eu-nm.
CVE-2019-5436 8 Debian, F5, Fedoraproject and 5 more 15 Debian Linux, Traffix Signaling Delivery Controller, Fedora and 12 more 2024-11-21 7.8 High
A heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution in libcurl versions 7.19.4 through 7.64.1.
CVE-2019-5010 4 Debian, Opensuse, Python and 1 more 9 Debian Linux, Leap, Python and 6 more 2024-11-21 7.5 High
An exploitable denial-of-service vulnerability exists in the X509 certificate parser of Python.org Python 2.7.11 / 3.6.6. A specially crafted X509 certificate can cause a NULL pointer dereference, resulting in a denial of service. An attacker can initiate or accept TLS connections using crafted certificates to trigger this vulnerability.
CVE-2019-3869 1 Redhat 2 Ansible Tower, Cloudforms Managementengine 2024-11-21 7.2 High
When running Tower before 3.4.3 on OpenShift or Kubernetes, application credentials are exposed to playbook job runs via environment variables. A malicious user with the ability to write playbooks could use this to gain administrative privileges.
CVE-2019-3862 6 Debian, Fedoraproject, Libssh2 and 3 more 7 Debian Linux, Fedora, Libssh2 and 4 more 2024-11-21 N/A
An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit status message and no payload are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.
CVE-2019-3861 5 Debian, Libssh2, Netapp and 2 more 6 Debian Linux, Libssh2, Ontap Select Deploy Administration Utility and 3 more 2024-11-21 N/A
An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH packets with a padding length value greater than the packet length are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.
CVE-2019-3858 6 Debian, Fedoraproject, Libssh2 and 3 more 7 Debian Linux, Fedora, Libssh2 and 4 more 2024-11-21 N/A
An out of bounds read flaw was discovered in libssh2 before 1.8.1 when a specially crafted SFTP packet is received from the server. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.
CVE-2019-3838 5 Artifex, Debian, Fedoraproject and 2 more 12 Ghostscript, Debian Linux, Fedora and 9 more 2024-11-21 5.5 Medium
It was found that the forceput operator could be extracted from the DefineResource method in ghostscript before 9.27. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains imposed by -dSAFER.
CVE-2019-3835 5 Artifex, Debian, Fedoraproject and 2 more 12 Ghostscript, Debian Linux, Fedora and 9 more 2024-11-21 5.5 Medium
It was found that the superexec operator was available in the internal dictionary in ghostscript before 9.27. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains imposed by -dSAFER.
CVE-2019-3820 4 Canonical, Gnome, Opensuse and 1 more 5 Ubuntu Linux, Gnome-shell, Leap and 2 more 2024-11-21 4.3 Medium
It was discovered that the gnome-shell lock screen since version 3.15.91 did not properly restrict all contextual actions. An attacker with physical access to a locked workstation could invoke certain keyboard shortcuts, and potentially other actions.
CVE-2019-20372 6 Apple, Canonical, F5 and 3 more 8 Xcode, Ubuntu Linux, Nginx and 5 more 2024-11-21 5.3 Medium
NGINX before 1.17.7, with certain error_page configurations, allows HTTP request smuggling, as demonstrated by the ability of an attacker to read unauthorized web pages in environments where NGINX is being fronted by a load balancer.
CVE-2019-1559 13 Canonical, Debian, F5 and 10 more 91 Ubuntu Linux, Debian Linux, Big-ip Access Policy Manager and 88 more 2024-11-21 5.9 Medium
If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received with an invalid MAC. If the application then behaves differently based on that in a way that is detectable to the remote peer, then this amounts to a padding oracle that could be used to decrypt data. In order for this to be exploitable "non-stitched" ciphersuites must be in use. Stitched ciphersuites are optimised implementations of certain commonly used ciphersuites. Also the application must call SSL_shutdown() twice even if a protocol error has occurred (applications should not do this but some do anyway). Fixed in OpenSSL 1.0.2r (Affected 1.0.2-1.0.2q).
CVE-2019-19342 1 Redhat 1 Ansible Tower 2024-11-21 5.3 Medium
A flaw was found in Ansible Tower, versions 3.6.x before 3.6.2 and 3.5.x before 3.5.4, when /websocket is requested and the password contains the '#' character. This request would cause a socket error in RabbitMQ when parsing the password and an HTTP error code 500 and partial password disclose will occur in plaintext. An attacker could easily guess some predictable passwords or brute force the password.
CVE-2019-19341 1 Redhat 1 Ansible Tower 2024-11-21 5.5 Medium
A flaw was found in Ansible Tower, versions 3.6.x before 3.6.2, where files in '/var/backup/tower' are left world-readable. These files include both the SECRET_KEY and the database backup. Any user with access to the Tower server, and knowledge of when a backup is run, could retrieve every credential stored in Tower. Access to data is the highest threat with this vulnerability.