EUVD-2019-0009

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2020-1735

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the Ansible Engine when the fetch module is used. An attacker could intercept the module, inject a new path, and then choose a new destinati...

ansible: path injection on dest parameter in fetch module

A flaw was found in the Ansible Engine when the fetch module is used. An attacker could intercept the module, inject a new path, and then choose a new destination path on the controller node...

The vulnerability of the fetch module in the Ansible configuration management system arises from incorrect restrictions on the path to the restricted-access directory. This allows attackers to gain unauthorized access to information and compromise its integrity.

The vulnerability of the fetch module in the Ansible configuration system is related to an incorrect path limitation for the restricted access directory. Exploiting this vulnerability could allow a local attacker to gain unauthorized access to information and compromise its integrity by copying a...

DEBIAN-CVE-2019-3828

Ansible fetch module before versions 2.5.15, 2.6.14, 2.7.8 has a path traversal vulnerability which allows copying and overwriting files outside of the specified destination in the local ansible controller host, by not restricting an absolute path...

PYSEC-2019-5

Ansible fetch module before versions 2.5.15, 2.6.14, 2.7.8 has a path traversal vulnerability which allows copying and overwriting files outside of the specified destination in the local ansible controller host, by not restricting an absolute path...

UBUNTU-CVE-2019-3828

Ansible fetch module before versions 2.5.15, 2.6.14, 2.7.8 has a path traversal vulnerability which allows copying and overwriting files outside of the specified destination in the local ansible controller host, by not restricting an absolute path...

Ansible: path traversal in the fetch module

A path traversal flaw was found in ansible. The fetch module allows copying and overwriting files outside of the specified destination in the local ansible controller host by not restricting an absolute path. The main threat from this vulnerability is to data confidentiality and integrity...

Ansible fetch module path traversal vulnerability

Ansible is a computer system configuration manager that can be used to publish, manage, and orchestrate computer systems. A path traversal vulnerability exists in the Ansible fetch module. An attacker can exploit this vulnerability to copy and overwrite files...