Lucene search
PRIOn knowledge basePRION:CVE-2023-5189HistoryNov 14, 2023 - 11:15 p.m.
Path traversal
2023-11-1423:15:00
PRIOn knowledge base
www.prio-n.com
8
ansible
path traversal
vulnerability
tarball
symlink
disk overwrite
A path traversal vulnerability exists in Ansible when extracting tarballs. An attacker could craft a malicious tarball so that when using the galaxy importer of Ansible Automation Hub, a symlink could be dropped on the disk, resulting in files being overwritten.
| CPE | Name | Operator | Version |
|---|---|---|---|
| ansible_automation_platform | eq | 2.0 | |
| satellite | eq | 6.0 |
Related
redhatcve
redhatcve
CVE-2023-5189
2023-09-26 05:54:26
debiancve
debiancve
CVE-2023-5189
1976-01-01 00:00:00
ubuntucve
ubuntucve
CVE-2023-5189
2023-11-14 00:00:00
osv
osv
Ansible galaxy-importer Path Traversal vulnerability
2023-11-15 00:31:08
cvelist
cvelist
cve
cve
CVE-2023-5189
2023-11-14 23:15:12
nvd
nvd
CVE-2023-5189
2023-11-14 23:15:12
github
github
Ansible galaxy-importer Path Traversal vulnerability
2023-11-15 00:31:08
veracode
veracode
Path Traversal
2023-11-16 10:11:47
nessus
nessus
RHEL 8 / 9 : Red Hat Ansible Automation Platform 2.4 Product Security and Bug Fix Update (Moderate) (RHSA-2023:7773)
2024-04-29 00:00:00
RHEL 8 : Satellite 6.14.3 Async Security Update (Moderate) (RHSA-2024:1536)
2024-04-28 00:00:00
RHEL 8 : Satellite 6.15.0 (Important) (RHSA-2024:2010)
2024-06-03 00:00:00
redhat
redhat
(RHSA-2023:7773) Moderate: Red Hat Ansible Automation Platform 2.4 Product Security and Bug Fix Update
2023-12-13 08:24:39
(RHSA-2024:1536) Moderate: Satellite 6.14.3 Async Security Update
2024-03-27 13:14:03
(RHSA-2024:2010) Important: Satellite 6.15.0 release
2024-04-23 17:00:52