2 matches found
PYSEC-2020-245
ovirt-engine-sdk-python before 3.4.0.7 and 3.5.0.4 does not verify that the hostname of the remote endpoint matches the Common Name CN or subjectAltName as specified by its x.509 certificate in a TLS/SSL session. This could allow man-in-the-middle attackers to spoof remote endpoints via an...
Important: Red Hat Security Advisory: Red Hat Ansible Tower 3.5.4-1 - RHEL7 Container
Red Hat Ansible Tower 3.5.4-1 - RHEL7 Container Added a command to generate a new SECRETKEY and rekey the database Removed the guest user from the optionally-configured RabbitMQ admin interface CVE-2019-19340 Fixed assorted issues with preserving permissions in the Ansible Tower backup playbook...