14 matches found
Amazon Linux 2023 : ansible-core, ansible-test (ALAS2023-2025-860)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-860 advisory. This vulnerability allows attackers to bypass unsafe content protections using the hostvars object to reference and execute templated content. This issue can lead to arbitrary code execution if remote...
Amazon Linux 2023 : ansible-core, ansible-test (ALAS2023-2025-820)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-820 advisory. 2025-02-12: CVE-2024-11079 was removed from this advisory. 2025-02-12: The severity of this advisory has been changed from medium to low. Tenable has extracted the preceding description block directly...
Arbitrary Code Execution
Ansible-Core is vulnerable to Arbitrary Code Execution. The vulnerability is due to attackers bypassing unsafe content protections by using the hostvars object to reference and execute templated content, potentially leading to code execution if remote data or module outputs are improperly templat...
SUSE CVE-2024-11079
A flaw was found in Ansible-Core. This vulnerability allows attackers to bypass unsafe content protections using the hostvars object to reference and execute templated content. This issue can lead to arbitrary code execution if remote data or module outputs are improperly templated within playboo...
GHSA-99W6-3XPH-CX78 Ansible-Core vulnerable to content protections bypass
A flaw was found in Ansible-Core. This vulnerability allows attackers to bypass unsafe content protections using the hostvars object to reference and execute templated content. This issue can lead to arbitrary code execution if remote data or module outputs are improperly templated within playboo...
Ansible-Core vulnerable to content protections bypass
A flaw was found in Ansible-Core. This vulnerability allows attackers to bypass unsafe content protections using the hostvars object to reference and execute templated content. This issue can lead to arbitrary code execution if remote data or module outputs are improperly templated within playboo...
CVE-2024-11079
A flaw was found in Ansible-Core. This vulnerability allows attackers to bypass unsafe content protections using the hostvars object to reference and execute templated content. This issue can lead to arbitrary code execution if remote data or module outputs are improperly templated within playboo...
CVE-2024-11079
A flaw was found in Ansible-Core. This vulnerability allows attackers to bypass unsafe content protections using the hostvars object to reference and execute templated content. This issue can lead to arbitrary code execution if remote data or module outputs are improperly templated within playboo...
UBUNTU-CVE-2024-11079
A flaw was found in Ansible-Core. This vulnerability allows attackers to bypass unsafe content protections using the hostvars object to reference and execute templated content. This issue can lead to arbitrary code execution if remote data or module outputs are improperly templated within playboo...
CVE-2024-11079 Ansible-core: unsafe tagging bypass via hostvars object in ansible-core
A flaw was found in Ansible-Core. This vulnerability allows attackers to bypass unsafe content protections using the hostvars object to reference and execute templated content. This issue can lead to arbitrary code execution if remote data or module outputs are improperly templated within playboo...
CVE-2024-11079
CVE-2024-11079 : In Ansible-Core, a bypass of unsafe-content protections via the hostvars object can lead to arbitrary code execution if templating data from remote sources or module outputs is unsafe. The description explicitly states the risk of executing templated content when hostvars is used...
CVE-2024-11079
A flaw was found in Ansible-Core. This vulnerability allows attackers to bypass unsafe content protections using the hostvars object to reference and execute templated content. This issue can lead to arbitrary code execution if remote data or module outputs are improperly templated within playboo...
CVE-2024-11079
A flaw was found in Ansible-Core. This vulnerability allows attackers to bypass unsafe content protections using the hostvars object to reference and execute templated content. This issue can lead to arbitrary code execution if remote data or module outputs are improperly templated within...
PT-2024-16742
Name of the Vulnerable Software and Affected Versions Ansible-Core versions 2.x Description A flaw was found in Ansible-Core, allowing attackers to bypass unsafe content protections using the hostvars object to reference and execute templated content. This issue can lead to arbitrary code executi...