15 matches found
GLSA-202006-11 : Ansible: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202006-11 Ansible: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Ansible. Please review the CVE identifiers referenced below for details. Impact : Please review the referenced CVE identifiers for detail...
Fedora: Security Advisory for ansible (FEDORA-2020-3990f03ba3)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora 30 : ansible (2020-1b6ce91e37)
Update to upstream bugfix and security update 2.9.7. See https://github.com/ansible/ansible/blob/stable-2.9/changelogs/CHANGELO G-v2.9.rst for a detailed list of changes. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system websit...
Important: Red Hat Security Advisory: Ansible security and bug fix update (2.8.11)
An update for ansible is now available for Ansible Engine 2.8 Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...
Important: Red Hat Security Advisory: Ansible security and bug fix update (2.7.17)
An update for ansible is now available for Ansible Engine 2.7 Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...
Important: Red Hat Security Advisory: Ansible security and bug fix update (2.9.7)
An update for ansible is now available for Ansible Engine 2 Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link...
Important: Red Hat Security Advisory: Ansible security and bug fix update (2.9.7)
An update for ansible is now available for Ansible Engine 2.9 Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...
RHEL 7 / 8 : Ansible security update (2.8.11) (Important) (RHSA-2020:1543)
The remote Redhat Enterprise Linux 7 / 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:1543 advisory. Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over S...
RHEL 7 / 8 : Ansible security update (2.9.7) (Important) (RHSA-2020:1541)
The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1541 advisory. Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over S...
Photon OS 3.0: Ansible PHSA-2020-3.0-0078
An update of the ansible package has been released. C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2020-3.0-0078. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid135779;...
Photon OS 2.0: Ansible PHSA-2020-2.0-0226
An update of the ansible package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2020-2.0-0226. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
CVE-2020-10684
A flaw was found in Ansible Engine, all versions 2.7.x, 2.8.x and 2.9.x prior to 2.7.17, 2.8.9 and 2.9.6 respectively, when using ansiblefacts as a subkey of itself and promoting it to a variable when inject is enabled, overwriting the ansiblefacts after the clean. An attacker could take advantag...
CVE-2020-10684
A flaw was found in Ansible Engine, all versions 2.7.x, 2.8.x and 2.9.x prior to 2.7.17, 2.8.9 and 2.9.6 respectively, when using ansiblefacts as a subkey of itself and promoting it to a variable when inject is enabled, overwriting the ansiblefacts after the clean. An attacker could take advantag...
CVE-2020-10684
Ansible Engine vulnerable scope: versions 2.7.x before 2.7.17, 2.8.x before 2.8.11, and 2.9.x before 2.9.7 allow an attacker to alter ansible_facts when inject is enabled, potentially leading to privilege escalation or code injection. Connected advisories confirm the same underlying issue and pro...
CVE-2020-10684
A flaw was found in Ansible Engine, all versions 2.7.x, 2.8.x and 2.9.x prior to 2.7.17, 2.8.9 and 2.9.6 respectively, when using ansiblefacts as a subkey of itself and promoting it to a variable when inject is enabled, overwriting the ansiblefacts after the clean. An attacker could take advantag...