TencentOS Server 3: ansible-core bug fix, enhancement, and (TSSA-2024:0192)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0192 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

Linux Distros Unpatched Vulnerability : CVE-2024-11079

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in Ansible-Core. This vulnerability allows attackers to bypass unsafe content protections using the hostvars object to reference and execute...

Low: ansible-core

Issue Overview: No CVE associated with this advisory Affected Packages: ansible-core Issue Correction: Run dnf update ansible-core --releasever 2023.6.20250123 or dnf update --advisory ALAS2023-2025-820 --releasever 2023.6.20250123 to update your system. More information on how to update your...

Moderate: Red Hat Security Advisory: Red Hat Ansible Automation Platform Execution Environments Container Release Update

An update is now available for Red Hat Ansible Automation Platform Execution Environments Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to...

Moderate: Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.4 Product Security and Bug Fix Update

An update is now available for Red Hat Ansible Automation Platform 2.4 Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

Moderate: Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.5 Product Release Update

An update is now available for Red Hat Ansible Automation Platform 2.5 Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

OPENSUSE-SU-2024:14499-1 ansible-core-2.16-2.16.13-1.1 on GA media

These are all security issues fixed in the ansible-core-2.16-2.16.13-1.1 package on the GA media of openSUSE Tumbleweed...

Ansible-Core vulnerable to content protections bypass

A flaw was found in Ansible-Core. This vulnerability allows attackers to bypass unsafe content protections using the hostvars object to reference and execute templated content. This issue can lead to arbitrary code execution if remote data or module outputs are improperly templated within playboo...

GHSA-99W6-3XPH-CX78 Ansible-Core vulnerable to content protections bypass

A flaw was found in Ansible-Core. This vulnerability allows attackers to bypass unsafe content protections using the hostvars object to reference and execute templated content. This issue can lead to arbitrary code execution if remote data or module outputs are improperly templated within playboo...

CVE-2024-11079

A flaw was found in Ansible-Core. This vulnerability allows attackers to bypass unsafe content protections using the hostvars object to reference and execute templated content. This issue can lead to arbitrary code execution if remote data or module outputs are improperly templated within playboo...

CVE-2024-11079

A flaw was found in Ansible-Core. This vulnerability allows attackers to bypass unsafe content protections using the hostvars object to reference and execute templated content. This issue can lead to arbitrary code execution if remote data or module outputs are improperly templated within playboo...

CVE-2024-11079 Ansible-core: unsafe tagging bypass via hostvars object in ansible-core

A flaw was found in Ansible-Core. This vulnerability allows attackers to bypass unsafe content protections using the hostvars object to reference and execute templated content. This issue can lead to arbitrary code execution if remote data or module outputs are improperly templated within playboo...

CVE-2024-11079

CVE-2024-11079 : In Ansible-Core, a bypass of unsafe-content protections via the hostvars object can lead to arbitrary code execution if templating data from remote sources or module outputs is unsafe. The description explicitly states the risk of executing templated content when hostvars is used...

CVE-2024-11079

A flaw was found in Ansible-Core. This vulnerability allows attackers to bypass unsafe content protections using the hostvars object to reference and execute templated content. This issue can lead to arbitrary code execution if remote data or module outputs are improperly templated within playboo...

CVE-2024-11079 Ansible-core: unsafe tagging bypass via hostvars object in ansible-core

A flaw was found in Ansible-Core. This vulnerability allows attackers to bypass unsafe content protections using the hostvars object to reference and execute templated content. This issue can lead to arbitrary code execution if remote data or module outputs are improperly templated within playboo...

CVE-2024-11079

A flaw was found in Ansible-Core. This vulnerability allows attackers to bypass unsafe content protections using the hostvars object to reference and execute templated content. This issue can lead to arbitrary code execution if remote data or module outputs are improperly templated within...

Moderate: Red Hat Security Advisory: Red Hat Ansible Automation Platform Execution Environments Container Release Update

An update is now available for Red Hat Ansible Automation Platform Execution Environments Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to...

agsekit (>=0.0.1 <=1.7.1), ansible (>=8.0.0 <=8.7.0) +17 more potentially affected by CVE-2024-9902 via ansible-core (>=2.15.1 <=2.15.13)

ansible-core PYPI version =2.15.1, =0.0.1, =8.0.0, =1.1.7, =1.5.37, =0.0.6, =0.1.0, =3.7.4, =0.1.0, =0.2.0, =0.1.0, =0.1.6 - netdevops-project =0.1.0 and more Source cves: CVE-2024-9902 Source advisory: SNYK:PYTHON-ANSIBLECORE-8349549...

Incorrect Authorization

Overview ansible-core is an a radically simple IT automation system. It handles configuration management, application deployment, cloud provisioning, ad-hoc task execution, network automation, and multi-node orchestration. Ansible makes complex changes like zero-downtime rolling updates with load...

CVE-2024-9902

A flaw was found in Ansible. The ansible-core user module can allow an unprivileged user to silently create or replace the contents of any file on any system path and take ownership of it when a privileged user executes the user module against the unprivileged user's home directory. If the...