301 matches found
Astra Linux - уязвимость в ansible
In Ansible, all Ansible Engine versions up to ansible-engine 2.8.5, ansible-engine 2.7.13, and ansible-engine 2.6.19 were logging at the DEBUG level. This led to the disclosure of credentials if a plugin used a library that logged credentials at the DEBUG level. This flaw does not affect Ansible...
Astra Linux - уязвимость в ansible
A flaw was discovered in Ansible Engine, affecting versions 2.7.x before 2.7.17, 2.8.x before 2.8.11, 2.9.x before 2.9.7, as well as Ansible Tower in versions 3.4.5, 3.5.5, and 3.6.3. This issue occurs when using modules that decrypt vault files, such as assemble, script, unarchive, wincopy, awss...
Astra Linux - уязвимость в ansible
A flaw was discovered in Ansible Engine. This flaw occurs in all versions of Ansible Engine from 2.7.x, 2.8.x, and 2.9.x, as of 2.7.17, 2.8.9, and 2.9.6, respectively. The issue arises when using ansiblefacts as a subkey of itself and promoting it to a variable when inject is enabled. After the...
Astra Linux - уязвимость в ansible
A flaw was discovered in Ansible Engine, in ansible-engine 2.8.x before 2.8.15, and ansible-engine 2.9.x before 2.9.13, when installing packages using the dnf module. GPG signatures are ignored during installation, even when the disablegpgcheck parameter is set to False—which is the default...
Astra Linux - уязвимость в ansible
A flaw was found in the Ansible Engine 2.9.18, where sensitive info is not masked by default and is not protected by the nolog feature when using the sub-option feature of the basic.py module. This flaw allows an attacker to obtain sensitive information. The highest threat from this vulnerability...
Astra Linux - уязвимость в ansible
A security flaw was discovered in Ansible Engine. This flaw occurs in Ansible 2.7.x versions prior to 2.7.17, Ansible 2.8.x versions prior to 2.8.11, and Ansible 2.9.x versions prior to 2.9.7 when managing Kubernetes using the k8s module. Sensitive parameters such as passwords and tokens are pass...
Astra Linux - уязвимость в ansible
A race condition flaw was discovered in Ansible Engine 2.7.17 and earlier versions, as well as 2.8.9 and earlier, and 2.9.6 and earlier. This issue occurs when running a playbook with an unprivileged “become user” command. When Ansible needs to execute a module with the “become user” command, a...
Astra Linux - уязвимость в ansible
A flaw was discovered in the ansible-connection module of Ansible Engine, where sensitive information such as Ansible user credentials is disclosed by default in the traceback error message. The greatest threat posed by this vulnerability is related to confidentiality...
EUVD-2020-0011
Malware in sbrugna...
EUVD-2021-0005
Malware in sbrugna...
EUVD-2020-0018
Malware in sbrugna...
EUVD-2020-0022
Malware in sbrugna...
EUVD-2020-0019
Malware in sbrugna...
EUVD-2020-0003
Malware in sbrugna...
EUVD-2020-0030
Malware in sbrugna...
EUVD-2020-0006
Malware in sbrugna...
EUVD-2020-0026
Malware in sbrugna...
EUVD-2019-0008
Malware in sbrugna...
EUVD-2021-0004
Malware in sbrugna...
EUVD-2019-0005
Malware in sbrugna...