CVE-2019-3869

When running Tower before 3.4.3 on OpenShift or Kubernetes, application credentials are exposed to playbook job runs via environment variables. A malicious user with the ability to write playbooks could use this to gain administrative privileges. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt