RHSA-2021:0779HighCVSS 6.7
Red Hat Security Advisory: Red Hat Ansible Tower 3.7.5-1 - Container security and bug fix update
🔗 CVE IDs covered (3)
📋 Description
CVE-2019-20372 — nginx: HTTP request smuggling in configurations with URL redirect used as error_page CVE-2020-35678 — python-autobahn: allows redirect header injection CVE-2021-20253 — ansible-tower: Privilege escalation via job isolation escape
🔗 References (6)
- selfhttps://access.redhat.com/errata/RHSA-2021:0779
- externalhttps://access.redhat.com/security/updates/classification/#important
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1790277
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1911314
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1928847
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_0779.json