RHBA-2020:1539CriticalCVSS 8.8

Red Hat Bug Fix Advisory: Red Hat Ansible Tower 3.5.6-1 - RHEL7 Container

Published
April 22, 2020
Last Modified
June 27, 2026

🔗 CVE IDs covered (29)

📋 Description

CVE-2015-2716 — expat: Integer overflow leading to buffer overflow in XML_GetBuffer() CVE-2015-8035 — libxml2: DoS caused by incorrect error detection during XZ decompression CVE-2016-5131 — libxml2: Use after free triggered by XPointer paths beginning with range-to CVE-2017-15412 — libxml2: Use after free in xmlXPathCompOpEvalPositionalPredicate() function in xpath.c CVE-2017-18258 — libxml2: Unrestricted memory usage in xz_head() function in xzlib.c CVE-2018-10360 — file: out-of-bounds read via a crafted ELF file CVE-2018-14404 — libxml2: NULL pointer dereference in xmlXPathCompOpEval() function in xpath.c CVE-2018-14567 — libxml2: Infinite loop caused by incorrect error detection during LZMA decompression CVE-2018-18074 — python-requests: Redirect from HTTPS to HTTP does not remove Authorization header CVE-2018-20060 — python-urllib3: Cross-host redirect does not remove Authorization header allow for credential exposure CVE-2018-20852 — python: Cookie domain check returns incorrect results CVE-2019-3820 — gnome-shell: partial lock screen bypass CVE-2019-5436 — curl: TFTP receive heap buffer overflow in tftp_receive_packet() function CVE-2019-9924 — bash: BASH_CMD is writable in restricted bash shells CVE-2019-11236 — python-urllib3: CRLF injection due to not encoding the '\r\n' sequence leading to possible attack on internal service CVE-2019-16056 — python: email.utils.parseaddr wrongly parses email addresses CVE-2019-17041 — rsyslog: heap-based overflow in contrib/pmaixforwardedfrom/pmaixforwardedfrom.c CVE-2019-17042 — rsyslog: heap-based overflow in contrib/pmcisconames/pmcisconames.c CVE-2020-1734 — ansible: shell enabled by default in a pipe lookup plugin subprocess CVE-2020-1735 — ansible: path injection on dest parameter in fetch module CVE-2020-1736 — ansible: atomic_move primitive sets permissive permissions CVE-2020-1737 — ansible: Extract-Zip function in win_unzip module does not check extracted path CVE-2020-1738 — ansible: module package can be selected by the ansible facts CVE-2020-1739 — ansible: svn module leaks password when specified as a parameter CVE-2020-1740 — ansible: secrets readable after ansible-vault edit CVE-2020-1746 — ansible: Information disclosure issue in ldap_attr and ldap_entry modules CVE-2020-1753 — Ansible: kubectl connection plugin leaks sensitive information CVE-2020-10684 — Ansible: code injection when using ansible_facts as a subkey CVE-2020-10685 — Ansible: modules which use files encrypted with vault are not properly cleaned up

🔗 References (2)