CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

14 matches found

Tenable Nessus•added 2025/02/26 12:0 a.m.•12 views

Amazon Linux 2023 : ansible-core, ansible-test (ALAS2023-2025-860)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-860 advisory. This vulnerability allows attackers to bypass unsafe content protections using the hostvars object to reference and execute templated content. This issue can lead to arbitrary code execution if remote...

5.5CVSS7.7AI score0.00502EPSS

Exploits0References4

Tenable Nessus•added 2025/01/24 12:0 a.m.•29 views

Amazon Linux 2023 : ansible-core, ansible-test (ALAS2023-2025-820)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-820 advisory. 2025-02-12: CVE-2024-11079 was removed from this advisory. 2025-02-12: The severity of this advisory has been changed from medium to low. Tenable has extracted the preceding description block directly...

5.5CVSS6.5AI score0.00502EPSS

Exploits0References2

Veracode•added 2024/12/04 8:5 a.m.•3 views

Arbitrary Code Execution

Ansible-Core is vulnerable to Arbitrary Code Execution. The vulnerability is due to attackers bypassing unsafe content protections by using the hostvars object to reference and execute templated content, potentially leading to code execution if remote data or module outputs are improperly templat...

5.5CVSS5.9AI score0.00502EPSS

Exploits0References11Affected Software1

SUSE CVE•added 2024/11/13 4:6 a.m.•3 views

SUSE CVE-2024-11079

A flaw was found in Ansible-Core. This vulnerability allows attackers to bypass unsafe content protections using the hostvars object to reference and execute templated content. This issue can lead to arbitrary code execution if remote data or module outputs are improperly templated within playboo...

5.5CVSS7.9AI score0.00502EPSS

Exploits0References4

Github Security Blog•added 2024/11/12 12:30 a.m.•31 views

Ansible-Core vulnerable to content protections bypass

5.5CVSS7.7AI score0.00502EPSS

Exploits0References13Affected Software1

OSV•added 2024/11/12 12:30 a.m.•18 views

GHSA-99W6-3XPH-CX78 Ansible-Core vulnerable to content protections bypass

5.5CVSS6.3AI score0.00502EPSS

Exploits0References13

OSV•added 2024/11/12 12:15 a.m.•17 views

CVE-2024-11079

5.5CVSS6.2AI score0.00502EPSS

Exploits0References4

NVD•added 2024/11/12 12:15 a.m.•19 views

CVE-2024-11079

5.5CVSS0.00502EPSS

Exploits0References5

OSV•added 2024/11/12 12:15 a.m.•1 views

UBUNTU-CVE-2024-11079

5.5CVSS7.5AI score0.00502EPSS

Exploits0References4

Vulnrichment•added 2024/11/11 11:32 p.m.•13 views

CVE-2024-11079 Ansible-core: unsafe tagging bypass via hostvars object in ansible-core

5.5CVSS7.8AI score0.00502EPSS

Exploits0References4

CVE•added 2024/11/11 11:32 p.m.•305 views

CVE-2024-11079

CVE-2024-11079 : In Ansible-Core, a bypass of unsafe-content protections via the hostvars object can lead to arbitrary code execution if templating data from remote sources or module outputs is unsafe. The description explicitly states the risk of executing templated content when hostvars is used...

5.5CVSS6.2AI score0.00502EPSS

Exploits0References5

Debian CVE•added 2024/11/11 11:32 p.m.•5 views

CVE-2024-11079

5.5CVSS7.4AI score0.00502EPSS

Exploits0

RedhatCVE•added 2024/11/11 12:30 p.m.•14 views

CVE-2024-11079

5.5CVSS8.1AI score0.00502EPSS

Exploits0References3

Positive Technologies•added 2024/11/11 12:0 a.m.•4 views

PT-2024-16742

Name of the Vulnerable Software and Affected Versions Ansible-Core versions 2.x Description A flaw was found in Ansible-Core, allowing attackers to bypass unsafe content protections using the hostvars object to reference and execute templated content. This issue can lead to arbitrary code executi...

5.5CVSS7.8AI score0.00502EPSS

Exploits0References58

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by