222 matches found
SUSE SLES16 Security Update : ansible-core (SUSE-SU-2026:22171-1)
The remote SUSE Linux SLES16 / SLESSAP16 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:22171-1 advisory. This update for ansible-core fixes the following issue - CVE-2026-11332: argument injection in ansible-galaxy role install leads to arbitra...
Amazon Linux 2023 : ansible-core, ansible-test (ALAS2023-2026-1849)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1849 advisory. A flaw was found in ansible-core. The ansible-galaxy role install command processes dependency specifications from a role's meta/requirements.yml file. Due to improper neutralization of argument...
Fedora 43 : ansible-core (2026-f027f57724)
The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-f027f57724 advisory. - Mitigates CVE-2026-11332 rhbz2485397 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has...
Fedora 44 : ansible-core (2026-7f70f809f0)
The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-7f70f809f0 advisory. - Mitigates CVE-2026-11332 rhbz2485397 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has...
SUSE-SU-2026:22171-1 Security update for ansible-core
This update for ansible-core fixes the following issue - CVE-2026-11332: argument injection in ansible-galaxy role install leads to arbitrary code execution bsc1267822...
OPENSUSE-SU-2026:11063-1 ansible-core-2.19-2.19.11-1.1 on GA media
These are all security issues fixed in the ansible-core-2.19-2.19.11-1.1 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2026:11062-1 ansible-core-2.18-2.18.18-1.1 on GA media
These are all security issues fixed in the ansible-core-2.18-2.18.18-1.1 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2026:11064-1 ansible-core-2.20-2.20.7-1.1 on GA media
These are all security issues fixed in the ansible-core-2.20-2.20.7-1.1 package on the GA media of openSUSE Tumbleweed...
ansible-core-2.21.0-3.1 on GA media (moderate)
ansible-core-2.21.0-3.1 on GA media Announcement ID: openSUSE-SU-2026:11007-1 Rating: moderate Cross-References: CVE-2026-11332 CVSS scores: CVE-2026-11332 SUSE : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can no...
OPENSUSE-SU-2026:11007-1 ansible-core-2.21.0-3.1 on GA media
These are all security issues fixed in the ansible-core-2.21.0-3.1 package on the GA media of openSUSE Tumbleweed...
Azure Linux 3.0 Security Update: CBL-Mariner Releases (CVE-2026-11332)
The version of CBL-Mariner Releases installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2026-11332 advisory. - A flaw was found in ansible-core. The ansible-galaxy role install command processes dependency...
Ansible-core: argument injection in ansible-galaxy role install leads to arbitrary code execution
...
ansible-core-2.20-2.20.6-1.1 on GA media (moderate)
ansible-core-2.20-2.20.6-1.1 on GA media Announcement ID: openSUSE-SU-2026:10945-1 Rating: moderate Cross-References: CVE-2023-5115 CVE-2023-5764 CVE-2024-0690 CVE-2024-11079 CVE-2024-8775 CVE-2024-9902 CVSS scores: CVE-2023-5115 SUSE : 6.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N CVE-2023-57...
SUSE CVE-2026-11332
A flaw was found in ansible-core. The ansible-galaxy role install command processes dependency specifications from a role's meta/requirements.yml file. Due to improper neutralization of argument delimiters, a malicious role author can inject arbitrary git configuration flags through the src field...
agsekit (>=0.0.1 <=1.7.1), airflow-ansible-provider (=0.6.0) +371 more potentially affected by CVE-2026-11332 via ansible-core (>=2.11.0 <=2.21.0)
ansible-core PYPI version =2.11.0, =0.0.1, =1.0.0, =0.20250623.1, =0.1.0.dev2, =6.0.0, =0.2.2, =1.0.10, =0.1.0, =0.0.1, =0.0.0, =3.0.0, =0.0.3, =1.0.7 and more Source cves: CVE-2026-11332 Source advisory: SNYK:PYTHON-ANSIBLECORE-17177022...
Arbitrary Argument Injection
Overview ansible-core is an a radically simple IT automation system. It handles configuration management, application deployment, cloud provisioning, ad-hoc task execution, network automation, and multi-node orchestration. Ansible makes complex changes like zero-downtime rolling updates with load...
CVE-2026-11332
A flaw was found in ansible-core. The ansible-galaxy role install command processes dependency specifications from a role's meta/requirements.yml file. Due to improper neutralization of argument delimiters, a malicious role author can inject arbitrary git configuration flags through the src field...
UBUNTU-CVE-2026-11332
A flaw was found in ansible-core. The ansible-galaxy role install command processes dependency specifications from a role's meta/requirements.yml file. Due to improper neutralization of argument delimiters, a malicious role author can inject arbitrary git configuration flags through the src field...
CVE-2026-11332
A flaw was found in ansible-core. The ansible-galaxy role install command processes dependency specifications from a role's meta/requirements.yml file. Due to improper neutralization of argument delimiters, a malicious role author can inject arbitrary git configuration flags through the src field...
CVE-2026-11332 Ansible-core: argument injection in ansible-galaxy role install leads to arbitrary code execution
A flaw was found in ansible-core. The ansible-galaxy role install command processes dependency specifications from a role's meta/requirements.yml file. Due to improper neutralization of argument delimiters, a malicious role author can inject arbitrary git configuration flags through the src field...