23 matches found
RHEL 7 : ansible (RHSA-2018:2585)
The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2018:2585 advisory. Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH a...
Mageia: Security Advisory (MGASA-2018-0439)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 1923-1] ansible security update
Package : ansible Version : 1.7.2+dfsg-2+deb8u2 CVE ID : CVE-2015-3908 CVE-2015-6240 CVE-2018-10875 CVE-2019-10156 Debian Bug : 930065 Several vulnerabilities were discovered in Ansible, a configuration management, deployment, and task execution system. CVE-2015-3908 A potential man-in-the-middle...
Ubuntu: Security Advisory (USN-4072-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : ansible (openSUSE-2019-1125)
This update for ansible to version 2.7.8 fixes the following issues : Security issues fixed: - CVE-2018-16837: Fixed an information leak in user module bsc1112959. - CVE-2018-16859: Fixed an issue which clould allow logging of password in plaintext in Windows powerShell bsc1116587. - CVE-2019-382...
Debian DSA-4396-1 : ansible - security update
Several vulnerabilities have been found in Ansible, a configuration management, deployment, and task execution system : - CVE-2018-10855/ CVE-2018-16876 The nolog task flag wasn't honored, resulting in an information leak. - CVE-2018-10875 ansible.cfg was read from the current working directory. ...
Debian: Security Advisory (DSA-4396-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Moderate: Red Hat Security Advisory: ansible security update
An update for ansible is now available for Red Hat OpenStack Platform 10.0 Newton. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Fedora 28 : ansible (2018-1d2bc76093)
Update to ansible 2.6.1 bugfix release. Fixes also 2 CVEs: CVE-2018-10874 and CVE-2018-10875 See https://github.com/ansible/ansible/blob/stable-2.6/changelogs/CHANGELO G-v2.6.rst for full list of changes. Note that Tenable Network Security has extracted the preceding description block directly fr...
Updated ansible package fixes security vulnerabilities
It was found that inventory variables are loaded from current working directory when running ad-hoc command which are under attacker's control, allowing to run arbitrary code as a result CVE-2018-10874. It was found that ansible.cfg is being read from the current working directory, which can be...
Moderate: Red Hat Security Advisory: ansible security update
An update for ansible is now available for Red Hat OpenStack Platform 13.0 Queens. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
RHEL 7 : Red Hat Virtualization (RHSA-2018:2321)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:2321 advisory. The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host,...
Moderate: Red Hat Security Advisory: Red Hat Virtualization security, bug fix, and enhancement update
An update for redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
Fedora 27 : ansible (2018-53790a5236)
Update to ansible 2.6.1 bugfix release. Fixes also 2 CVEs: CVE-2018-10874 and CVE-2018-10875 See https://github.com/ansible/ansible/blob/stable-2.6/changelogs/CHANGELO G-v2.6.rst for full list of changes. Note that Tenable Network Security has extracted the preceding description block directly fr...
Fedora Update for ansible FEDORA-2018-1d2bc76093
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
DEBIAN-CVE-2018-10875
A flaw was found in ansible. ansible.cfg is read from the current working directory which can be altered to make it point to a plugin or a module path under the control of an attacker, thus allowing the attacker to execute arbitrary code...
CVE-2018-10875
CVE-2018-10875 affects Ansible where ansible.cfg is read from the current working directory, allowing an attacker to influence the plugin/module path and potentially execute arbitrary code. The issue arises because the CWD can be manipulated to point to controlled code. Red Hat/Ubuntu/openSUSE ad...
CVE-2018-10875
A flaw was found in ansible. ansible.cfg is read from the current working directory which can be altered to make it point to a plugin or a module path under the control of an attacker, thus allowing the attacker to execute arbitrary code...
RHEL 7 : ansible (RHSA-2018:2150)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:2150 advisory. Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH a...
RHEL 7 : ansible (RHSA-2018:2152)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:2152 advisory. Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH a...