49 matches found
Astra Linux - уязвимость в ansible
A flaw was discovered in Ansible Engine when using Ansible Vault to edit encrypted files. When a user executes “ansible-vault edit”, another user on the same computer can read the old and new secrets. This occurs because the secrets are created in a temporary file using mkstemp, and after the fil...
Azure Linux 3.0 Security Update: ansible (CVE-2024-8775)
The version of ansible installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-8775 advisory. - A flaw was found in Ansible, where sensitive information stored in Ansible Vault files can be exposed in...
EUVD-2017-0001
Malware in sbrugna...
EUVD-2020-0012
Malware in sbrugna...
EUVD-2020-0005
Malware in sbrugna...
NewStart CGSL MAIN 7.02 : ansible-core Multiple Vulnerabilities (NS-SA-2025-0114)
The remote NewStart CGSL host, running version MAIN 7.02, has ansible-core packages installed that are affected by multiple vulnerabilities: - An information disclosure flaw was found in ansible-core due to a failure to respect the ANSIBLENOLOG configuration in some scenarios. Information is stil...
Amazon Linux 2023 : ansible-core, ansible-test (ALAS2023-2025-846)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-846 advisory. A flaw was found in Ansible, where sensitive information stored in Ansible Vault files can be exposed in plaintext during the execution of a playbook. This occurs when using tasks such as includevars to...
Medium: ansible-core
Issue Overview: A flaw was found in Ansible, where sensitive information stored in Ansible Vault files can be exposed in plaintext during the execution of a playbook. This occurs when using tasks such as includevars to load vaulted variables without setting the nolog: true parameter, resulting in...
MGASA-2025-0052 Updated python-ansible-core packages fix security vulnerabilities
Exposure of sensitive information in Ansible vault files due to improper logging. CVE-2024-8775 Ansible-core user may read/write unauthorized content. CVE-2024-9902 Unsafe tagging bypass via hostvars object in ansible-core. CVE-2024-11079...
Updated python-ansible-core packages fix security vulnerabilities
Exposure of sensitive information in Ansible vault files due to improper logging. CVE-2024-8775 Ansible-core user may read/write unauthorized content. CVE-2024-9902 Unsafe tagging bypass via hostvars object in ansible-core. CVE-2024-11079...
ansible-core: Exposure of Sensitive Information in Ansible Vault Files Due to Improper Logging
A flaw was found in Ansible, where sensitive information stored in Ansible Vault files can be exposed in plaintext during the execution of a playbook. This occurs when using tasks such as includevars to load vaulted variables without setting the nolog: true parameter, resulting in sensitive data...
CVE-2024-8775 Ansible-core: exposure of sensitive information in ansible vault files due to improper logging
A flaw was found in Ansible, where sensitive information stored in Ansible Vault files can be exposed in plaintext during the execution of a playbook. This occurs when using tasks such as includevars to load vaulted variables without setting the nolog: true parameter, resulting in sensitive data...
CVE-2024-8775 Ansible-core: exposure of sensitive information in ansible vault files due to improper logging
A flaw was found in Ansible, where sensitive information stored in Ansible Vault files can be exposed in plaintext during the execution of a playbook. This occurs when using tasks such as includevars to load vaulted variables without setting the nolog: true parameter, resulting in sensitive data...
Red Hat Ansible 日志信息泄露漏洞
Red Hat Ansible is a computer system configuration manager from Red Hat USA. The product can be used to distribute, manage, and orchestrate computer systems. Red Hat Ansible suffers from a log information disclosure vulnerability that originates when sensitive information stored in an Ansible Vau...
PT-2024-39241
Name of the Vulnerable Software and Affected Versions: Ansible affected versions not specified Description: A flaw was found in Ansible where sensitive information stored in Ansible Vault files can be exposed in plaintext during the execution of a playbook. This occurs when using tasks such as...
Amazon Linux 2 : ansible (ALASANSIBLE2-2023-008)
The version of ansible installed on the remote host is prior to 2.9.9-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2ANSIBLE2-2023-008 advisory. A flaw was found in Ansible Engine, all versions 2.7.x, 2.8.x and 2.9.x prior to 2.7.17, 2.8.9 and 2.9.6...
SUSE CVE-2020-1740
A flaw was found in Ansible Engine when using Ansible Vault for editing encrypted files. When a user executes "ansible-vault edit", another user on the same computer can read the old and new secret, as it is created in a temporary file with mkstemp and the returned file descriptor is closed and t...
GHSA-VCG8-98Q8-G7MJ Exposure of Sensitive Information to an Unauthorized Actor and Insecure Temporary File in Ansible
A flaw was found in Ansible Engine when using Ansible Vault for editing encrypted files. When a user executes "ansible-vault edit", another user on the same computer can read the old and new secret, as it is created in a temporary file with mkstemp and the returned file descriptor is closed and t...
Moderate: Red Hat Security Advisory: security update - Red Hat Ansible Tower 3.7.4-1 - RHEL7 Container
Red Hat Ansible Tower 3.7.4-1 - RHEL7 Container Fixed two jQuery vulnerabilities CVE-2020-11022, CVE-2020-11023 Improved Ansible Tower's web service configuration to allow for processing more simultaneous HTTPs requests by default Updated several dependencies of Ansible Tower's User Interface to...
MGASA-2020-0217 Updated ansible packages fix security vulnerabilities
Updated ansible package fixes security vulnerabilities: A race condition flaw was found in Ansible Engine when running a playbook with an unprivileged become user. When Ansible needs to run a module with become user, the temporary directory is created in /var/tmp. This directory is created with...