Lucene search
K

5 matches found

RedHat Linux
RedHat Linux
added 2020/04/22 2:11 p.m.9 views

ansible: insecure temporary directory when running become_user from become directive

A race condition flaw was found in Ansible Engine when running a playbook with an unprivileged become user. When Ansible needs to run a module with become user, the temporary directory is created in /var/tmp. This directory is created with "umask 77 && mkdir -p "; this operation does not fail if...

5CVSS7.1AI score0.004EPSS
Exploits1References4
OSV
OSV
added 2020/03/11 7:15 p.m.28 views

CVE-2020-1733

A race condition flaw was found in Ansible Engine 2.7.17 and prior, 2.8.9 and prior, 2.9.6 and prior when running a playbook with an unprivileged become user. When Ansible needs to run a module with become user, the temporary directory is created in /var/tmp. This directory is created with "umask...

5CVSS5.1AI score0.004EPSS
Exploits1References8
PyPA
PyPA
added 2020/03/11 7:15 p.m.9 views

PYSEC-2020-5

A race condition flaw was found in Ansible Engine 2.7.17 and prior, 2.8.9 and prior, 2.9.6 and prior when running a playbook with an unprivileged become user. When Ansible needs to run a module with become user, the temporary directory is created in /var/tmp. This directory is created with "umask...

5CVSS6.7AI score0.004EPSS
Exploits1References8Affected Software1
OSV
OSV
added 2020/03/11 7:15 p.m.5 views

PYSEC-2020-5

A race condition flaw was found in Ansible Engine 2.7.17 and prior, 2.8.9 and prior, 2.9.6 and prior when running a playbook with an unprivileged become user. When Ansible needs to run a module with become user, the temporary directory is created in /var/tmp. This directory is created with "umask...

5CVSS6.7AI score0.004EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2020/03/11 12:0 a.m.9 views

PT-2020-6579

Name of the Vulnerable Software and Affected Versions Ansible Engine versions 2.7.17 and prior Ansible Engine versions 2.8.9 and prior Ansible Engine versions 2.9.6 and prior Description The issue is related to a race condition flaw in Ansible Engine when running a playbook with an unprivileged...

5CVSS7.6AI score0.004EPSS
Exploits1References199
Rows per page
Query Builder