CVE-2020-11841

Unauthorized information disclosure vulnerability in Micro Focus ArcSight Management Center product, Affecting versions 2.6.1, 2.7.x, 2.8.x, 2.9.x prior to 2.9.4. The vulnerabilities could be remotely exploited resulting unauthorized information disclosure...

PT-2020-12287

Name of the Vulnerable Software and Affected Versions ansible-engine versions 2.9.x prior to 2.9.7 Description An archive traversal flaw was found in ansible-engine when running ansible-galaxy collection install. When extracting a collection .tar.gz file, the directory is created without sanitizi...

DEBIAN-CVE-2020-1736

A flaw was found in Ansible Engine when a file is moved using atomicmove primitive as the file mode cannot be specified. This sets the destination files world-readable if the destination file does not exist and if the file exists, the file could be changed to have less restrictive permissions...

UBUNTU-CVE-2020-1736

A flaw was found in Ansible Engine when a file is moved using atomicmove primitive as the file mode cannot be specified. This sets the destination files world-readable if the destination file does not exist and if the file exists, the file could be changed to have less restrictive permissions...

PT-2020-3040

Name of the Vulnerable Software and Affected Versions Ansible versions 2.7.x through 2.7.14 Ansible versions 2.8.x through 2.8.6 Ansible versions 2.9.x through 2.9.0 Description The issue is related to the absence of consideration for the no log flag in Ansible's system management configuration...

FasterXML jackson-databind Security Bypass Vulnerability

FasterXML Jackson is a U.S. FasterXML company for Java data processing tools . Jackson-databind is one of the components with data binding capabilities . A security bypass vulnerability exists in FasterXML jackson-databind versions 2.8.11 and earlier and versions 2.9.x through 2.9.3. An attacker...