18 matches found
EUVD-2023-2198
Malicious code in bioql PyPI...
EUVD-2023-1070
Malicious code in bioql PyPI...
CVE-2023-39059
An issue in ansible semaphore v.2.8.90 allows a remote attacker to execute arbitrary code via a crafted payload to the extra variables parameter...
CVE-2023-28609
api/auth.go in Ansible Semaphore before 2.8.89 mishandles authentication...
The vulnerability of the Ansible Semaphore configuration management interface, related to improper control of code generation, allows a attacker to execute arbitrary code.
The vulnerability of the Ansible Semaphore configuration management interface is related to incorrect code generation. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
Arbitrary Code Injection
github.com/ansible-semaphore/semaphore is vulnerable to Arbitrary Code Injection. The vulnerability exists in makeCmd function at AnsiblePlaybook.go which allows a remote attacker to execute arbitrary code via a crafted payload to the extra variables parameter...
CVE-2023-39059
An issue in ansible semaphore v.2.8.90 allows a remote attacker to execute arbitrary code via a crafted payload to the extra variables parameter...
PT-2023-5312 · Ansible · Ansible
Name of the Vulnerable Software and Affected Versions: ansible semaphore version 2.8.90 Description: The issue in ansible semaphore allows a remote attacker to execute arbitrary code via a crafted payload to the extra variables parameter. This is related to incorrect code generation management in...
CVE-2023-39059
An issue in ansible semaphore v.2.8.90 allows a remote attacker to execute arbitrary code via a crafted payload to the extra variables parameter...
CVE-2023-39059
An issue in ansible semaphore v.2.8.90 allows a remote attacker to execute arbitrary code via a crafted payload to the extra variables parameter...
GHSA-PMHG-CMJC-3875 Ansible Semaphore mishandles authentication
api/auth.go in Ansible Semaphore before 2.8.89 mishandles authentication...
CVE-2023-28609
api/auth.go in Ansible Semaphore before 2.8.89 mishandles authentication...
CVE-2023-28609
api/auth.go in Ansible Semaphore before 2.8.89 mishandles authentication...
Authentication flaw
api/auth.go in Ansible Semaphore before 2.8.89 mishandles authentication...
Red Hat Ansible 授权问题漏洞
Red Hat Ansible is a computer system configuration manager from Red Hat, an American company. The product can be used to publish, manage, and orchestrate computer systems. A security vulnerability exists in Red Hat Ansible Semaphore versions prior to 2.8.89 that stems from incorrectly handled...
CVE-2023-28609
api/auth.go in Ansible Semaphore before 2.8.89 mishandles authentication...
CVE-2023-28609
api/auth.go in Ansible Semaphore before 2.8.89 mishandles authentication...
PT-2023-21844
Name of the Vulnerable Software and Affected Versions Ansible Semaphore versions prior to 2.8.89 Description The issue is related to the mishandling of authentication in the api/auth.go file. Recommendations For versions prior to 2.8.89, update to version 2.8.89 or later to resolve the issue...