228 matches found
SUSE-SU-2026:2680-1 Security update for ansible-core
This update for ansible-core fixes the following issues: - CVE-2026-11332: Argument injection in ansible-galaxy role install leads to arbitrary code execution bsc1267822...
SUSE SLES16 Security Update : ansible-core (SUSE-SU-2026:22171-1)
The remote SUSE Linux SLES16 / SLESSAP16 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:22171-1 advisory. This update for ansible-core fixes the following issue - CVE-2026-11332: argument injection in ansible-galaxy role install leads to arbitra...
Amazon Linux 2023 : ansible-core, ansible-test (ALAS2023-2026-1849)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1849 advisory. A flaw was found in ansible-core. The ansible-galaxy role install command processes dependency specifications from a role's meta/requirements.yml file. Due to improper neutralization of argument...
Fedora 44 : ansible-core (2026-7f70f809f0)
The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-7f70f809f0 advisory. - Mitigates CVE-2026-11332 rhbz2485397 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has...
Fedora 43 : ansible-core (2026-f027f57724)
The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-f027f57724 advisory. - Mitigates CVE-2026-11332 rhbz2485397 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has...
[SECURITY] Fedora 43 Update: ansible-core-2.18.18~rc1-1.fc43
Ansible is a radically simple model-driven configuration management, multi-node deployment, and remote task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred t...
[SECURITY] Fedora 44 Update: ansible-core-2.20.7~rc1-1.fc44
Ansible is a radically simple model-driven configuration management, multi-node deployment, and remote task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred t...
SUSE-SU-2026:22171-1 Security update for ansible-core
This update for ansible-core fixes the following issue - CVE-2026-11332: argument injection in ansible-galaxy role install leads to arbitrary code execution bsc1267822...
OPENSUSE-SU-2026:21097-1 Security update for ansible-core
This update for ansible-core fixes the following issue - CVE-2026-11332: argument injection in ansible-galaxy role install leads to arbitrary code execution bsc1267822...
OPENSUSE-SU-2026:11062-1 ansible-core-2.18-2.18.18-1.1 on GA media
These are all security issues fixed in the ansible-core-2.18-2.18.18-1.1 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2026:11064-1 ansible-core-2.20-2.20.7-1.1 on GA media
These are all security issues fixed in the ansible-core-2.20-2.20.7-1.1 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2026:11063-1 ansible-core-2.19-2.19.11-1.1 on GA media
These are all security issues fixed in the ansible-core-2.19-2.19.11-1.1 package on the GA media of openSUSE Tumbleweed...
ansible-core-2.21.0-3.1 on GA media (moderate)
ansible-core-2.21.0-3.1 on GA media Announcement ID: openSUSE-SU-2026:11007-1 Rating: moderate Cross-References: CVE-2026-11332 CVSS scores: CVE-2026-11332 SUSE : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can no...
OPENSUSE-SU-2026:11007-1 ansible-core-2.21.0-3.1 on GA media
These are all security issues fixed in the ansible-core-2.21.0-3.1 package on the GA media of openSUSE Tumbleweed...
Azure Linux 3.0 Security Update: CBL-Mariner Releases (CVE-2026-11332)
The version of CBL-Mariner Releases installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2026-11332 advisory. - A flaw was found in ansible-core. The ansible-galaxy role install command processes dependency...
Ansible-core: argument injection in ansible-galaxy role install leads to arbitrary code execution
...
ansible-core-2.20-2.20.6-1.1 on GA media (moderate)
ansible-core-2.20-2.20.6-1.1 on GA media Announcement ID: openSUSE-SU-2026:10945-1 Rating: moderate Cross-References: CVE-2023-5115 CVE-2023-5764 CVE-2024-0690 CVE-2024-11079 CVE-2024-8775 CVE-2024-9902 CVSS scores: CVE-2023-5115 SUSE : 6.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N CVE-2023-57...
SUSE CVE-2026-11332
A flaw was found in ansible-core. The ansible-galaxy role install command processes dependency specifications from a role's meta/requirements.yml file. Due to improper neutralization of argument delimiters, a malicious role author can inject arbitrary git configuration flags through the src field...
agsekit (>=0.0.1 <=1.7.1), airflow-ansible-provider (=0.6.0) +371 more potentially affected by CVE-2026-11332 via ansible-core (>=2.11.0 <=2.21.0)
ansible-core PYPI version =2.11.0, =0.0.1, =1.0.0, =0.20250623.1, =0.1.0.dev2, =6.0.0, =0.2.2, =1.0.10, =0.1.0, =0.0.1, =0.0.0, =3.0.0, =0.0.3, =1.0.7 and more Source cves: CVE-2026-11332 Source advisory: SNYK:PYTHON-ANSIBLECORE-17177022...
Arbitrary Argument Injection
Overview ansible-core is an a radically simple IT automation system. It handles configuration management, application deployment, cloud provisioning, ad-hoc task execution, network automation, and multi-node orchestration. Ansible makes complex changes like zero-downtime rolling updates with load...