9 matches found
EUVD-2017-0004
Malware in sbrugna...
GHSA-588W-W6MV-3CW5 Ansible Insertion of Sensitive Information into Log File vulnerability
A flaw was found in the way Ansible 2.3.x before 2.3.3, and 2.4.x before 2.4.1 passed certain parameters to the jenkinsplugin module. Remote attackers could use this flaw to expose sensitive information from a remote host's logs. This flaw was fixed by not allowing passwords to be specified in th...
SUSE-SU-2018:0605-1 Security update for ansible
This update for ansible fixes the following issues: - CVE-2017-7550: A flaw was found in the way Ansible passed certain parameters to the jenkinsplugin module. Remote attackers could use this flaw to expose sensitive information from a remote host's logs. This flaw was fixed by not allowing...
CVE-2017-7550
A flaw was found in the way Ansible 2.3.x before 2.3.3, and 2.4.x before 2.4.1 passed certain parameters to the jenkinsplugin module. Remote attackers could use this flaw to expose sensitive information from a remote host's logs. This flaw was fixed by not allowing passwords to be specified in th...
CVE-2017-7550
A flaw was found in the way Ansible 2.3.x before 2.3.3, and 2.4.x before 2.4.1 passed certain parameters to the jenkinsplugin module. Remote attackers could use this flaw to expose sensitive information from a remote host's logs. This flaw was fixed by not allowing passwords to be specified in th...
CVE-2017-7550
CVE-2017-7550 affects Ansible 2.3.x before 2.3.3 and 2.4.x before 2.4.1, where the jenkins_plugin module could reveal sensitive data via parameters passed in its logs. Root cause: passwords could be specified in the params argument, exposing them through remote host logs. Mitigation: the issue wa...
MGASA-2017-0399 Updated ansible package fixes security vulnerability
A flaw was found in the way Ansible passed certain parameters to the jenkinsplugin module. A remote attacker could use this flaw to expose sensitive information from a remote host's logs. This flaw was fixed by not allowing passwords to be specified in the "params" argument, and noting this in th...
Updated ansible package fixes security vulnerability
A flaw was found in the way Ansible passed certain parameters to the jenkinsplugin module. A remote attacker could use this flaw to expose sensitive information from a remote host's logs. This flaw was fixed by not allowing passwords to be specified in the "params" argument, and noting this in th...
CVE-2017-7550
A flaw was found in the way Ansible passed certain parameters to the jenkinsplugin module. A remote attacker could use this flaw to expose sensitive information from a remote host's logs. This flaw was fixed by not allowing passwords to be specified in the "params" argument, and noting this in th...