Lucene search
+L

4 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/15 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2020-1737

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in Ansible 2.7.17 and prior, 2.8.9 and prior, and 2.9.6 and prior when using the Extract- Zip function from the winunzip module as the extracte...

7.8CVSS6.8AI score0.00362EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2020/04/22 2:11 p.m.12 views

ansible: Extract-Zip function in win_unzip module does not check extracted path

A flaw was found in the Ansible Engine when using the Extract-Zip function from the winunzip module as the extracted files are not checked if they belong to the destination folder. An attacker could take advantage of this flaw by crafting an archive anywhere in the file system, using a path...

7.8CVSS7.1AI score0.00362EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/04/22 2:10 p.m.8 views

ansible: Extract-Zip function in win_unzip module does not check extracted path

A flaw was found in the Ansible Engine when using the Extract-Zip function from the winunzip module as the extracted files are not checked if they belong to the destination folder. An attacker could take advantage of this flaw by crafting an archive anywhere in the file system, using a path...

7.8CVSS7.1AI score0.00362EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2020/03/09 12:0 a.m.7 views

PT-2020-5090

Name of the Vulnerable Software and Affected Versions Ansible versions 2.7.17 and prior Ansible versions 2.8.9 and prior Ansible versions 2.9.6 and prior Description A flaw was found in Ansible when using the Extract-Zip function from the win unzip module. The extracted files are not checked if...

8.5CVSS7.4AI score0.00362EPSS
Exploits0References193
Rows per page
Query Builder