Lucene search
K

19 matches found

Tenable Nessus
Tenable Nessus
added 2020/06/17 12:0 a.m.47 views

GLSA-202006-11 : Ansible: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202006-11 Ansible: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Ansible. Please review the CVE identifiers referenced below for details. Impact : Please review the referenced CVE identifiers for detail...

7.9CVSS6.9AI score0.00506EPSS
Exploits4References10
RedHat Linux
RedHat Linux
added 2020/04/22 2:11 p.m.66 views

Important: Red Hat Security Advisory: Ansible security and bug fix update (2.8.11)

An update for ansible is now available for Ansible Engine 2.8 Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

7.9CVSS6.9AI score0.00487EPSS
Exploits2References9
RedHat Linux
RedHat Linux
added 2020/04/22 2:11 p.m.60 views

Important: Red Hat Security Advisory: Ansible security and bug fix update (2.7.17)

An update for ansible is now available for Ansible Engine 2.7 Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

7.9CVSS6.9AI score0.00487EPSS
Exploits2References9
RedHat Linux
RedHat Linux
added 2020/04/22 2:10 p.m.78 views

Important: Red Hat Security Advisory: Ansible security and bug fix update (2.9.7)

An update for ansible is now available for Ansible Engine 2 Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link...

7.9CVSS6.9AI score0.00506EPSS
Exploits3References11
RedHat Linux
RedHat Linux
added 2020/04/22 2:10 p.m.82 views

Important: Red Hat Security Advisory: Ansible security and bug fix update (2.9.7)

An update for ansible is now available for Ansible Engine 2.9 Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

7.9CVSS6.9AI score0.00506EPSS
Exploits3References11
Tenable Nessus
Tenable Nessus
added 2020/04/22 12:0 a.m.39 views

RHEL 7 / 8 : Ansible security update (2.9.7) (Important) (RHSA-2020:1541)

The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1541 advisory. Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over S...

7.9CVSS6.9AI score0.00506EPSS
Exploits3References22
Tenable Nessus
Tenable Nessus
added 2020/04/22 12:0 a.m.46 views

RHEL 7 / 8 : Ansible security update (2.8.11) (Important) (RHSA-2020:1543)

The remote Redhat Enterprise Linux 7 / 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:1543 advisory. Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over S...

7.9CVSS6.9AI score0.00487EPSS
Exploits2References18
Tenable Nessus
Tenable Nessus
added 2020/04/20 12:0 a.m.37 views

FreeBSD : ansible - win_unzip path normalization (0899c0d3-80f2-11ea-bafd-815569f3852d)

Borja Tarraso reports : A flaw was found in Ansible 2.7.17 and prior, 2.8.9 and prior, and 2.9.6 and prior when using the Extract-Zip function from the winunzip module as the extracted files are not checked if they belong to the destination folder. An attacker could take advantage of this flaw by...

7.8CVSS7.3AI score0.00362EPSS
Exploits0References7
OpenVAS
OpenVAS
added 2020/03/17 12:0 a.m.32 views

Fedora: Security Advisory for ansible (FEDORA-2020-87f5e1e829)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.8CVSS6.7AI score0.03088EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2020/03/17 12:0 a.m.30 views

Fedora: Security Advisory for ansible (FEDORA-2020-a3f12bcff4)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

6.1AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2020/03/16 12:0 a.m.32 views

Fedora 30 : ansible (2020-0cab7041f7)

Update to 2.9.6 bugfix release and 2 CVE fixes: CVE-2020-1737, CVE-2020-1739 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without...

7.8CVSS6.9AI score0.00362EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2020/03/16 12:0 a.m.32 views

Fedora 31 : ansible (2020-a3f12bcff4)

Update to 2.9.6 bugfix release and 2 CVE fixes: CVE-2020-1737, CVE-2020-1739 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without...

7.8CVSS6.9AI score0.00362EPSS
Exploits0References3
NVD
NVD
added 2020/03/09 4:15 p.m.20 views

CVE-2020-1737

A flaw was found in Ansible 2.7.17 and prior, 2.8.9 and prior, and 2.9.6 and prior when using the Extract-Zip function from the winunzip module as the extracted files are not checked if they belong to the destination folder. An attacker could take advantage of this flaw by crafting an archive...

7.8CVSS7.1AI score0.00362EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2020/03/09 4:15 p.m.32 views

CVE-2020-1737

A flaw was found in Ansible 2.7.17 and prior, 2.8.9 and prior, and 2.9.6 and prior when using the Extract-Zip function from the winunzip module as the extracted files are not checked if they belong to the destination folder. An attacker could take advantage of this flaw by crafting an archive...

7.8CVSS6.8AI score0.00362EPSS
Exploits0References2
Cvelist
Cvelist
added 2020/03/09 3:11 p.m.46 views

CVE-2020-1737

A flaw was found in Ansible 2.7.17 and prior, 2.8.9 and prior, and 2.9.6 and prior when using the Extract-Zip function from the winunzip module as the extracted files are not checked if they belong to the destination folder. An attacker could take advantage of this flaw by crafting an archive...

7.5CVSS7.2AI score0.00362EPSS
Exploits0References6
CVE
CVE
added 2020/03/09 3:11 p.m.253 views

CVE-2020-1737

Consolidated sources confirm CVE-2020-1737 is a path-traversal flaw in Ansible’s win_unzip Extract-Zip handling, affecting Ansible 2.7.17 and prior, 2.8.9 and prior, and 2.9.6 and prior. The vulnerability arises because extracted files are not checked against the destination folder, allowing an a...

7.8CVSS7AI score0.00362EPSS
Exploits0References6Affected Software2
Debian CVE
Debian CVE
added 2020/03/09 3:11 p.m.20 views

CVE-2020-1737

A flaw was found in Ansible 2.7.17 and prior, 2.8.9 and prior, and 2.9.6 and prior when using the Extract-Zip function from the winunzip module as the extracted files are not checked if they belong to the destination folder. An attacker could take advantage of this flaw by crafting an archive...

7.8CVSS7.3AI score0.00362EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2020/03/09 3:11 p.m.38 views

CVE-2020-1737

A flaw was found in Ansible 2.7.17 and prior, 2.8.9 and prior, and 2.9.6 and prior when using the Extract-Zip function from the winunzip module as the extracted files are not checked if they belong to the destination folder. An attacker could take advantage of this flaw by crafting an archive...

7.8CVSS7.2AI score0.00362EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2020/02/18 2:29 p.m.35 views

CVE-2020-1737

A flaw was found in the Ansible Engine when using the Extract-Zip function from the winunzip module as the extracted files are not checked if they belong to the destination folder. An attacker could take advantage of this flaw by crafting an archive anywhere in the file system, using a path...

7.8CVSS3.5AI score0.00362EPSS
Exploits0References3
Rows per page
Query Builder