23 matches found
CLSA-2026-1777614493 ansible: Fix of CVE-2019-14904
CVE-2019-14904: validate solariszone name to prevent command injection...
Amazon Linux 2 : ansible (ALASANSIBLE2-2023-009)
The version of ansible installed on the remote host is prior to 2.9.5-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2ANSIBLE2-2023-009 advisory. A flaw was found in the solariszone module from the Ansible Community modules. When setting the name for the zone o...
Important: ansible
Issue Overview: A flaw was found in the solariszone module from the Ansible Community modules. When setting the name for the zone on the Solaris host, the zone name is checked by listing the process with the 'ps' bare command on the remote machine. An attacker could take advantage of this flaw by...
Mageia: Security Advisory (MGASA-2020-0060)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DLA-2535-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DLA-2535-1 : ansible security update
CVE-2017-7481 Ansible fails to properly mark lookup-plugin results as unsafe. If an attacker could control the results of lookup calls, they could inject Unicode strings to be parsed by the jinja2 templating system, resulting in code execution. By default, the jinja2 templating language is now...
CVE-2019-14904
A flaw was found in the solariszone module from the Ansible Community modules. When setting the name for the zone on the Solaris host, the zone name is checked by listing the process with the 'ps' bare command on the remote machine. An attacker could take advantage of this flaw by crafting the na...
CVE-2019-14904
CVE-2019-14904 affects the Ansible Community solaris_zone module. When setting the zone name on a Solaris host, the zone name is checked by listing processes with the bare ps command on the remote host, enabling an attacker to craft the zone name and execute arbitrary commands on the remote syste...
CVE-2019-14904
A flaw was found in the solariszone module from the Ansible Community modules. When setting the name for the zone on the Solaris host, the zone name is checked by listing the process with the 'ps' bare command on the remote machine. An attacker could take advantage of this flaw by crafting the na...
Security update for ansible (moderate)
openSUSE Security Update: Security update for ansible Announcement ID: openSUSE-SU-2020:0523-1 Rating: moderate References: 1137479 1142542 1142690 1144453 1153452 1154231 1154232 1154830 1157968 1157969 Cross-References: CVE-2019-10206 CVE-2019-10217 CVE-2019-14846 CVE-2019-14856 CVE-2019-14858...
openSUSE Security Update : ansible (openSUSE-2020-513)
This update for ansible to version 2.9.6 fixes the following issues : Security issues fixed : - CVE-2019-14904: Fixed a vulnerability in solariszone module via crafted solaris zone boo1157968. - CVE-2019-14905: Fixed an issue where malicious code could craft filename in nxosfilecopy module...
openSUSE: Security Advisory for ansible (openSUSE-SU-2020:0513-1)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
OPENSUSE-SU-2020:0513-1 Security update for ansible
This update for ansible to version 2.9.6 fixes the following issues: Security issues fixed: - CVE-2019-14904: Fixed a vulnerability in solariszone module via crafted solaris zone boo1157968. - CVE-2019-14905: Fixed an issue where malicious code could craft filename in nxosfilecopy module...
Security update for ansible (moderate)
openSUSE Security Update: Security update for ansible Announcement ID: openSUSE-SU-2020:0513-1 Rating: moderate References: 1137479 1142542 1142690 1144453 1153452 1154231 1154232 1154830 1157968 1157969 Cross-References: CVE-2019-10206 CVE-2019-10217 CVE-2019-14846 CVE-2019-14856 CVE-2019-14858...
Fedora 30 : ansible (2020-2bed89517f)
Update to bugfix release 2.9.3. See https://github.com/ansible/ansible/blob/stable-2.9/changelogs/CHANGELO G-v2.9.rst Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and...
Fedora 31 : ansible (2020-caf7f7d0d9)
Update to bugfix release 2.9.3. See https://github.com/ansible/ansible/blob/stable-2.9/changelogs/CHANGELO G-v2.9.rst Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and...
RHEL 7 / 8 : Ansible security update (2.8.8) (Moderate) (RHSA-2020:0216)
The remote Redhat Enterprise Linux 7 / 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:0216 advisory. Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over S...
RHEL 7 : Ansible security update (2.7.16) (Moderate) (RHSA-2020:0217)
The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:0217 advisory. Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH a...
Moderate: Red Hat Security Advisory: Ansible security and bug fix update (2.9.4)
An update for ansible is now available for Ansible Engine 2 Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links...
Moderate: Red Hat Security Advisory: Ansible security and bug fix update (2.8.8)
An update for ansible is now available for Ansible Engine 2.8 Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE lin...