Lucene search
K

13 matches found

Tenable Nessus
Tenable Nessus
added 2025/09/03 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2023-5189

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A path traversal vulnerability exists in Ansible when extracting tarballs. An attacker could craft a malicious tarball so that when using the galaxy importer of...

6.5CVSS6.5AI score0.00834EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2024/04/23 5:18 p.m.2 views

Hub: insecure galaxy-importer tarfile extraction

A path traversal vulnerability exists in Ansible when extracting tarballs. An attacker could craft a malicious tarball so that when using the galaxy importer of Ansible Automation Hub, a symlink could be dropped on the disk, resulting in files being overwritten...

6.5CVSS5.8AI score0.00834EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2024/03/27 1:22 p.m.3 views

Hub: insecure galaxy-importer tarfile extraction

A path traversal vulnerability exists in Ansible when extracting tarballs. An attacker could craft a malicious tarball so that when using the galaxy importer of Ansible Automation Hub, a symlink could be dropped on the disk, resulting in files being overwritten...

6.5CVSS5.8AI score0.00834EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2023/12/13 8:36 a.m.7 views

Hub: insecure galaxy-importer tarfile extraction

A path traversal vulnerability exists in Ansible when extracting tarballs. An attacker could craft a malicious tarball so that when using the galaxy importer of Ansible Automation Hub, a symlink could be dropped on the disk, resulting in files being overwritten...

6.5CVSS5.8AI score0.00834EPSS
Exploits1References4
vulnersOsv
vulnersOsv
added 2023/11/15 12:31 a.m.7 views

galaxy-ng (>=4.2.0 <=4.4.5), pulp-ansible (>=0.2.0 <=0.6.2) potentially affected by CVE-2023-5189 via galaxy-importer (>=0.1.1 <=0.4.0)

galaxy-importer PYPI version =0.1.1, =4.2.0, =0.2.0, =0.6.2 Source cves: CVE-2023-5189 Source advisory: OSV:GHSA-55G2-VM3Q-7W52...

6.5CVSS6.4AI score0.00834EPSS
Exploits1
OSV
OSV
added 2023/11/15 12:31 a.m.27 views

GHSA-55G2-VM3Q-7W52 Ansible galaxy-importer Path Traversal vulnerability

A path traversal vulnerability exists in Ansible when extracting tarballs. An attacker could craft a malicious tarball so that when using the galaxy importer of Ansible Automation Hub, a symlink could be dropped on the disk, resulting in files being overwritten...

6.3CVSS6.4AI score0.00834EPSS
Exploits1References8
Github Security Blog
Github Security Blog
added 2023/11/15 12:31 a.m.28 views

Ansible galaxy-importer Path Traversal vulnerability

A path traversal vulnerability exists in Ansible when extracting tarballs. An attacker could craft a malicious tarball so that when using the galaxy importer of Ansible Automation Hub, a symlink could be dropped on the disk, resulting in files being overwritten...

6.5CVSS7AI score0.00834EPSS
Exploits1References8Affected Software1
OSV
OSV
added 2023/11/14 11:15 p.m.9 views

CVE-2023-5189

A path traversal vulnerability exists in Ansible when extracting tarballs. An attacker could craft a malicious tarball so that when using the galaxy importer of Ansible Automation Hub, a symlink could be dropped on the disk, resulting in files being overwritten...

6.5CVSS5.8AI score0.00834EPSS
Exploits1References5
OSV
OSV
added 2023/11/14 11:15 p.m.1 views

UBUNTU-CVE-2023-5189

A path traversal vulnerability exists in Ansible when extracting tarballs. An attacker could craft a malicious tarball so that when using the galaxy importer of Ansible Automation Hub, a symlink could be dropped on the disk, resulting in files being overwritten...

6.5CVSS6.1AI score0.00834EPSS
Exploits1References2
Debian CVE
Debian CVE
added 2023/11/14 10:57 p.m.36 views

CVE-2023-5189

Removed by vendor...

6.5CVSS6AI score0.00834EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2023/10/12 1:41 p.m.9 views

Moderate: Red Hat Bug Fix Advisory: Red Hat Ansible Automation Platform 2.4 Container Release Update

An update is now available for Red Hat Ansible Automation Platform 2.4 Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to individual teams,...

7.8CVSS7AI score0.00239EPSS
Exploits0
CNNVD
CNNVD
added 2023/09/26 12:0 a.m.6 views

Red Hat Ansible Automation Security Vulnerability

Red Hat Ansible Automation is a software application from Red Hat, Inc. It provides a means to automate all aspects of an infrastructure, from servers and network devices to operating systems, applications, and security. A security vulnerability exists in Red Hat Ansible Automation Hub, which ste...

6.5CVSS7.1AI score0.00834EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2023/09/21 12:0 a.m.3 views

PT-2023-5467

Name of the Vulnerable Software and Affected Versions Ansible affected versions not specified Description A path traversal issue exists when Ansible extracts tarballs, allowing an attacker to craft a malicious tarball. This could result in a symlink being dropped on the disk when using the galaxy...

7.5CVSS6.7AI score0.00834EPSS
Exploits1References21
Rows per page
Query Builder