Lucene search
K

17 matches found

OPENSUSE Linux
OPENSUSE Linux
added 2026/06/07 12:0 a.m.6 views

ansible-core-2.20-2.20.6-1.1 on GA media (moderate)

ansible-core-2.20-2.20.6-1.1 on GA media Announcement ID: openSUSE-SU-2026:10945-1 Rating: moderate Cross-References: CVE-2023-5115 CVE-2023-5764 CVE-2024-0690 CVE-2024-11079 CVE-2024-8775 CVE-2024-9902 CVSS scores: CVE-2023-5115 SUSE : 6.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N CVE-2023-57...

6.6CVSS6.7AI score0.00859EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/07/11 12:0 a.m.6 views

Azure Linux 3.0 Security Update: ansible (CVE-2023-5115)

The version of ansible installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-5115 advisory. - An absolute path traversal attack exists in the Ansible automation platform. This flaw allows an attacker to...

6.3CVSS7.1AI score0.00859EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/07/11 12:0 a.m.2 views

CBL Mariner 2.0 Security Update: ansible (CVE-2023-5115)

The version of ansible installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-5115 advisory. - An absolute path traversal attack exists in the Ansible automation platform. This flaw allows an attacker to...

6.3CVSS7.1AI score0.00859EPSS
Exploits0References2
CBLMariner
CBLMariner
added 2025/07/10 3:6 p.m.8 views

CVE-2023-5115 affecting package ansible for versions less than 2.14.11-1

CVE-2023-5115 affecting package ansible for versions less than 2.14.11-1. A patched version of the package is available...

6.3CVSS6.9AI score0.00859EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2025/05/31 2:7 p.m.25 views

Security Bulletin: There are multiple vulnerabilities that can affect IBM Fusion HCI and IBM Fusion HCI for watsonx

Summary Multiple vulnerabilities affecting IBM Fusion HCI and IBM Fusion HCI for watsonx could have resulted in reduced security. These issues have since been resolved. CVE-2023-5115, CVE-2023-5764, CVE-2024-9902, CVE-2024-8775, CVE-2024-11079, CVE-2024-9506, CVE-2024-43799, CVE-2024-6119,...

9.8CVSS9.6AI score0.66594EPSS
Exploits6Affected Software2
Tenable Nessus
Tenable Nessus
added 2025/01/22 12:0 a.m.20 views

Debian dla-3695 : ansible - security update

The remote Debian 11 host has a package installed that is affected by a vulnerability as referenced in the dla-3695 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3695-2 [email protected] https://www.debian.org/lts/security/...

5.5AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/04/28 12:0 a.m.31 views

RHEL 8 / 9 : Red Hat Ansible Automation Platform 2.4 Product Security and Bug Fix Update (Moderate) (RHSA-2023:5758)

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:5758 advisory. Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT...

7.5CVSS6.9AI score0.01284EPSS
Exploits0References9
Amazon
Amazon
added 2024/02/06 12:0 a.m.5 views

Medium: ansible-core

Issue Overview: The upstream report describes this issue as follows: When installing a maliciously created Ansible role using 'ansible-galaxy role install', arbitrary files the user has access to can be overwritten. The malicious role must contain a symlink with an absolute path to the target fil...

6.3CVSS6.7AI score0.00859EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/02/06 12:0 a.m.36 views

Amazon Linux 2023 : ansible-core, ansible-test (ALAS2023-2024-505)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-505 advisory. The upstream report describes this issue as follows: When installing a maliciously created Ansible role using 'ansible-galaxy role install', arbitrary files the user has access to can be...

6.3CVSS7.2AI score0.00859EPSS
Exploits0References6
NVD
NVD
added 2023/12/18 2:15 p.m.23 views

CVE-2023-5115

An absolute path traversal attack exists in the Ansible automation platform. This flaw allows an attacker to craft a malicious Ansible role and make the victim execute the role. A symlink can be used to overwrite a file outside of the extraction path...

6.3CVSS0.00859EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2023/12/18 2:15 p.m.34 views

CVE-2023-5115

An absolute path traversal attack exists in the Ansible automation platform. This flaw allows an attacker to craft a malicious Ansible role and make the victim execute the role. A symlink can be used to overwrite a file outside of the extraction path...

6.3CVSS6.9AI score0.00859EPSS
Exploits0References2
CVE
CVE
added 2023/12/18 1:43 p.m.193 views

CVE-2023-5115

The CVE-2023-5115 issue is an absolute path traversal in the Ansible automation platform, enabling a maliciously crafted Ansible role (via a symlink) to overwrite files outside the intended extraction path. Affected component is Ansible (ansible-core/associated packages), with root cause describe...

6.3CVSS6.2AI score0.00859EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2023/12/18 1:43 p.m.24 views

CVE-2023-5115 Ansible: malicious role archive can cause ansible-galaxy to overwrite arbitrary files

An absolute path traversal attack exists in the Ansible automation platform. This flaw allows an attacker to craft a malicious Ansible role and make the victim execute the role. A symlink can be used to overwrite a file outside of the extraction path...

6.3CVSS6.6AI score0.00859EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/11/07 12:0 a.m.38 views

Fedora 39 : ansible-core (2023-389ed7a7e7)

The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-389ed7a7e7 advisory. Update to 2.16.0b2. Mitigates CVE-2023-5115. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Ness...

6.3CVSS7AI score0.00859EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/10/21 12:0 a.m.29 views

Fedora 38 : ansible-core (2023-e5d4a632a5)

The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-e5d4a632a5 advisory. Update to 2.14.11. Mitigates CVE-2023-5115. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessu...

6.3CVSS7AI score0.00859EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/10/21 12:0 a.m.30 views

Fedora 37 : ansible-core (2023-cdc7db366e)

The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-cdc7db366e advisory. Update to 2.14.11. Mitigates CVE-2023-5115. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessu...

6.3CVSS7AI score0.00859EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2023/09/21 7:54 p.m.55 views

CVE-2023-5115

An absolute path traversal attack exists in the Ansible automation platform. This flaw allows an attacker to craft a malicious Ansible role and make the victim execute the role. A symlink can be used to overwrite a file outside of the extraction path...

6.3CVSS7AI score0.00859EPSS
Exploits0References3
Rows per page
Query Builder