5 matches found
Security Bulletin: Multiple Vulnerabilities in IBM Concert Software.
Summary Multiple vulnerabilities were addressed in IBM Concert Software version 2.2.0 Vulnerability Details CVEID:CVE-2018-16487 DESCRIPTION: A prototype pollution vulnerability was found in lodash 4.17.11 where the functions merge, mergeWith, and defaultsDeep can be tricked into adding or...
CVE-2021-3681
A flaw was found in Ansible Galaxy Collections. When collections are built manually, any files in the repository directory that are not explicitly excluded via the buildignore list in "galaxy.yml" include files in the .tar.gz file. This contains sensitive info, such as the user's Ansible Galaxy A...
CVE-2021-3681
CVE-2021-3681 describes a flaw in Ansible Galaxy Collections where, during manual builds, any files in the repository not excluded by build_ignore in galaxy.yml are included inside the resulting .tar.gz. This can disclose sensitive data such as the user’s Ansible Galaxy API key and secrets from v...
CVE-2021-3681
A flaw was found in Ansible Galaxy Collections. When collections are built manually, any files in the repository directory that are not explicitly excluded via the buildignore list in "galaxy.yml" include files in the .tar.gz file. This contains sensitive info, such as the user's Ansible Galaxy A...
Ansible Galaxy Collections 安全漏洞
Red Hat Ansible is a computer system configuration manager from Red Hat, an American company. The product can be used to distribute, manage, and organize computer systems. A security vulnerability exists in Ansible Galaxy Collections that can be exploited by an attacker to obtain sensitive system...