10 matches found
agsekit (>=0.0.1 <=1.7.1), airflow-ansible-provider (=0.6.0) +371 more potentially affected by CVE-2026-11332 via ansible-core (>=2.11.0 <=2.21.0)
ansible-core PYPI version =2.11.0, =0.0.1, =1.0.0, =0.20250623.1, =0.1.0.dev2, =6.0.0, =0.2.2, =1.0.10, =0.1.0, =0.0.1, =0.0.0, =3.0.0, =0.0.3, =1.0.7 and more Source cves: CVE-2026-11332 Source advisory: SNYK:PYTHON-ANSIBLECORE-17177022...
Security Bulletin: IBM Security SOAR is using a component with a known vulnerability (CVE-2024-11079)
Summary IBM Security SOAR uses an older version of the Ansible-Core component that may be identified and exploited. Updates for supported versions have been released which address the issue. It is recommended to upgrade to version 51.0.10.0 Vulnerability Details CVEID:CVE-2024-11079 DESCRIPTION: ...
EUVD-2024-3228
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2024-9902
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in Ansible. The ansible-core user module can allow an unprivileged user to silently create or replace the contents of any file on any system pa...
Alibaba Cloud Linux 3 : 0236: ansible-core bug fix, enhancement, and (ALINUX3-SA-2024:0236)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2024:0236 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2024-0690: An information disclosure flaw was...
Arbitrary Code Execution
Ansible-Core is vulnerable to Arbitrary Code Execution. The vulnerability is due to attackers bypassing unsafe content protections by using the hostvars object to reference and execute templated content, potentially leading to code execution if remote data or module outputs are improperly templat...
Unauthorized File Manipulation
ansiblecore is vulnerable to Unauthorized File Manipulation. The vulnerability is due to the user module allowing an unprivileged user with directory traversal permissions to create or replace files on any system path and gain ownership when a privileged user executes the module against the...
ansible (>=6.0.0 <=7.7.0), ansible-doctor (>=3.1.2 <=3.1.3) +35 more potentially affected by CVE-2024-9902 via ansible-core (>=2.11.0 <=2.14.18)
ansible-core PYPI version =2.11.0, =6.0.0, =3.1.2, =1.1.2, =1.0.2, =1.0.4.1233rc0, =6.0.0, =8.0.0, =1.0.0, =1.4.1, =0.0.1, =0.2.0, =0.4.0 and more Source cves: CVE-2024-9902 Source advisory: SNYK:PYTHON-ANSIBLECORE-8349549...
ansible (>=6.0.0 <=7.7.0), ansible-doctor (>=3.1.2 <=3.1.3) +35 more potentially affected by CVE-2024-9902 via ansible-core (>=2.11.0 <=2.14.18)
ansible-core PYPI version =2.11.0, =6.0.0, =3.1.2, =1.1.2, =1.0.2, =1.0.4.1233rc0, =6.0.0, =8.0.0, =1.0.0, =1.4.1, =0.0.1, =0.2.0, =0.4.0 and more Source cves: CVE-2024-9902 Source advisory: OSV:GHSA-32P4-GM2C-WMCH...
Information Disclosure
Ansible-core is vulnerable to information disclosure. The vulnerability is due to a failure to respect the ANSIBLENOLOG configuration in some scenarios, leading to sensitive information being included in the output during certain tasks, such as loop items...