EUVD-2020-0023

Ansible does not collect garbage after playbook run...

Malicious code in @terraform-aws-github-runner/aws-ssm-util (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 923d8c9265a141fb0384c59b41ad9dea10d1d2ee7a4d30165537b10a69d82e40 The OpenSSF Package Analysis project identified '@terraform-aws-github-runner/aws-ssm-util' @ 1.0.0 npm as malicious. It is considered malicious...

Malicious code in @terraform-aws-github-runner/aws-ssm-uti (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 9e8dee05678c6b03df102e495749bdc9db8ae73a32752a0f85345cc637577012 The OpenSSF Package Analysis project identified '@terraform-aws-github-runner/aws-ssm-uti' @ 1.999.0 npm as malicious. It is considered maliciou...

Command Shell, Bind SSM (via AWS API)

Creates an interactive shell using AWS SSM Module Options msf use payload/generic/shellbindawsssm msf payloadshellbindawsssm show actions ...actions... msf payloadshellbindawsssm set ACTION msf payloadshellbindawsssm show options ...show and set options... msf payloadshellbindawsssm run This modu...

CVE-2020-25636

A flaw was found in Ansible Base when using the awsssm connection plugin as there is no namespace separation for file transfers. Files are written directly to the root bucket, making possible to have collisions when running multiple ansible processes. This issue affects mainly the service...