7 matches found
RHEL 8 : ansible-runner (RHSA-2022:0108)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:0108 advisory. Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can...
Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to multiple Operator package issues
Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to multiple Operator package issues. IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data has migrated to a new base image for the Operators used by our Speech Services. The following vulnerabilities...
CVE-2021-4041
A flaw was found in ansible-runner. An improper escaping of the shell command, while calling the ansiblerunner.interface.runcommand, can lead to parameters getting executed as host's shell command. A developer could unintentionally write code that gets executed in the host rather than the virtual...
ansible-navigator (>=0.6.2 <=1.0.0b1), matrixctl (>=0.8.0 <=0.10.3) +3 more potentially affected by CVE-2021-4041 via ansible-runner (>=1.4.6 <=2.0.0.0a5)
ansible-runner PYPI version =1.4.6, =0.6.2, =0.8.0, =0.0.1, =0.0.11, =0.5.7 Source cves: CVE-2021-4041 Source advisory: OSV:PYSEC-2022-253...
CVE-2021-4041
CVE-2021-4041 (ansible-runner) : A flaw in ansible-runner where improper escaping of the shell command during the call to ansible_runner.interface.run_command can cause parameters to be executed by the host shell instead of inside the target environment. This is a local-privilege-agnostic issue r...
CVE-2021-4041
A flaw was found in ansible-runner. An improper escaping of the shell command, while calling the ansiblerunner.interface.runcommand, can lead to parameters getting executed as host's shell command. A developer could unintentionally write code that gets executed in the host rather than the virtual...
Moderate: Red Hat Security Advisory: ansible-runner security and bug fix update
An update is now available for ansible-runner for Red Hat Ansible Automation Platform 2.0 Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...