14 matches found
SUSE CVE-2020-1735
A flaw was found in the Ansible Engine when the fetch module is used. An attacker could intercept the module, inject a new path, and then choose a new destination path on the controller node. All versions in 2.7.x, 2.8.x and 2.9.x branches are believed to be vulnerable...
GLSA-202006-11 : Ansible: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202006-11 Ansible: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Ansible. Please review the CVE identifiers referenced below for details. Impact : Please review the referenced CVE identifiers for detail...
Fedora: Security Advisory for ansible (FEDORA-2020-3990f03ba3)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora 30 : ansible (2020-1b6ce91e37)
Update to upstream bugfix and security update 2.9.7. See https://github.com/ansible/ansible/blob/stable-2.9/changelogs/CHANGELO G-v2.9.rst for a detailed list of changes. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system websit...
Important: Red Hat Security Advisory: Ansible security and bug fix update (2.8.11)
An update for ansible is now available for Ansible Engine 2.8 Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...
Important: Red Hat Security Advisory: Ansible security and bug fix update (2.7.17)
An update for ansible is now available for Ansible Engine 2.7 Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...
Important: Red Hat Security Advisory: Ansible security and bug fix update (2.9.7)
An update for ansible is now available for Ansible Engine 2 Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link...
Important: Red Hat Security Advisory: Ansible security and bug fix update (2.9.7)
An update for ansible is now available for Ansible Engine 2.9 Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...
RHEL 7 / 8 : Ansible security update (2.9.7) (Important) (RHSA-2020:1541)
The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1541 advisory. Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over S...
RHEL 7 / 8 : Ansible security update (2.8.11) (Important) (RHSA-2020:1543)
The remote Redhat Enterprise Linux 7 / 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:1543 advisory. Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over S...
Photon OS 3.0: Ansible PHSA-2020-3.0-0078
An update of the ansible package has been released. C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2020-3.0-0078. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid135779;...
Photon OS 2.0: Ansible PHSA-2020-2.0-0226
An update of the ansible package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2020-2.0-0226. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
CVE-2020-1735
A flaw was found in the Ansible Engine when the fetch module is used. An attacker could intercept the module, inject a new path, and then choose a new destination path on the controller node. All versions in 2.7.x, 2.8.x and 2.9.x branches are believed to be vulnerable...
CVE-2020-1735
CVE-2020-1735 is a vulnerability in the Ansible Engine where the fetch module can be intercepted, enabling an attacker to inject a new path and choose a different destination path on the controller. The issue affects all 2.7.x, 2.8.x and 2.9.x branches. Connected advisories confirm multiple vendo...