Astra Linux - уязвимость в ansible

A flaw was discovered in Ansible Engine 2.9.18, where sensitive information is not masked by default, and the nolog feature is not protected when using the sub-option feature of the basic.py module. This flaw allows an attacker to obtain sensitive information. The greatest threat posed by this...

Astra Linux - уязвимость в ansible

A flaw was discovered in Ansible. Credentials, such as secrets, are being disclosed in the console logs by default, and are not protected by the nolog feature when those modules are used. An attacker can exploit this information to steal those credentials. The greatest threat posed by this...

EUVD-2021-0004

Malware in sbrugna...

CVE-2024-31207 Vite's `server.fs.deny` did not deny requests for patterns with directories

Vite French word for "quick", pronounced /vit/, like "veet" is a frontend build tooling to improve the frontend development experience.server.fs.deny does not deny requests for patterns with directories. This vulnerability has been patched in versions 5.2.6, 5.1.7, 5.0.13, 4.5.3, 3.2.10 and 2.9.1...

CVE-2024-31207 Vite's `server.fs.deny` did not deny requests for patterns with directories

Vite French word for "quick", pronounced /vit/, like "veet" is a frontend build tooling to improve the frontend development experience.server.fs.deny does not deny requests for patterns with directories. This vulnerability has been patched in versions 5.2.6, 5.1.7, 5.0.13, 4.5.3, 3.2.10 and 2.9.1...

SUSE CVE-2021-20228

A flaw was found in the Ansible Engine 2.9.18, where sensitive info is not masked by default and is not protected by the nolog feature when using the sub-option feature of the basic.py module. This flaw allows an attacker to obtain sensitive information. The highest threat from this vulnerability...

A flaw was found in ansible. Credentials such as secrets are being disclosed in console log by default and not protected by no_log feature when using those modules. An attacker can take advantage of this information to steal those credentials. The highest threat from this vulnerability is to data confidentiality. Versions before ansible 2.9.18 are affected.

...

RHEL 8 : RHV Engine and Host Common Packages security update [ovirt-4.4.6] (Moderate) (RHSA-2021:2180)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:2180 advisory. The ovirt-engine package provides the Red Hat Virtualization Manager, a centralized management platform that allows system administrators to...

PYSEC-2021-124

A flaw was found in ansible. Credentials, such as secrets, are being disclosed in console log by default and not protected by nolog feature when using those modules. An attacker can take advantage of this information to steal those credentials. The highest threat from this vulnerability is to dat...

CVE-2021-20191

A flaw was found in ansible. Credentials, such as secrets, are being disclosed in console log by default and not protected by nolog feature when using those modules. An attacker can take advantage of this information to steal those credentials. The highest threat from this vulnerability is to dat...

CVE-2021-20228

A flaw was found in the Ansible Engine 2.9.18, where sensitive info is not masked by default and is not protected by the nolog feature when using the sub-option feature of the basic.py module. This flaw allows an attacker to obtain sensitive information. The highest threat from this vulnerability...

Design/Logic Flaw

A flaw was found in the Ansible Engine 2.9.18, where sensitive info is not masked by default and is not protected by the nolog feature when using the sub-option feature of the basic.py module. This flaw allows an attacker to obtain sensitive information. The highest threat from this vulnerability...

UBUNTU-CVE-2021-20228

A flaw was found in the Ansible Engine 2.9.18, where sensitive info is not masked by default and is not protected by the nolog feature when using the sub-option feature of the basic.py module. This flaw allows an attacker to obtain sensitive information. The highest threat from this vulnerability...

CVE-2021-20228

A flaw was found in the Ansible Engine 2.9.18, where sensitive info is not masked by default and is not protected by the nolog feature when using the sub-option feature of the basic.py module. This flaw allows an attacker to obtain sensitive information. The highest threat from this vulnerability...

PT-2021-8096

Name of the Vulnerable Software and Affected Versions Ansible versions prior to 2.9.18 Description A flaw was found in Ansible where credentials, such as secrets, are disclosed in the console log by default and not protected by the no log feature when using certain modules. This allows an attacke...

PowerDNS < 2.9.18 Multiple Vulnerabilities

According to its self-reported version number, the version of the PowerDNS service listening on the remote host is prior to 2.9.18. It is, therefore, affected by multiple vulnerabilities : - A flaw exists due to improper escaping of LDAP queries. A remote attacker can exploit this to cause a deni...

CVE-2005-2302

PowerDNS before 2.9.18, when allowing recursion to a restricted range of IP addresses, does not properly handle questions from clients that are denied recursion, which could cause a "blank out" of answers to those clients that are allowed to use recursion...