Lucene search
Veracode Vulnerability DatabaseVERACODE:3796HistoryMar 29, 2017 - 6:27 a.m.
Incorrect Key Verification
2017-03-2906:27:39
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
25
EPSS
0.002
Percentile
53.3%
ansible is vulnerable to incorrect key verification. The library does not verify key fingerprints before uploading them. This allows a malicious user to generate a key with the desired 16 digit id and upload it to the server.
Related
osv
osv
Ansible apt_key module does not properly verify key fingerprint
2018-10-10 17:23:26
CVE-2016-8614
2018-07-31 21:29:00
PYSEC-2018-37
2018-07-31 21:29:00
cve
cve
CVE-2016-8614
2018-07-31 21:29:00
prion
prion
Design/Logic Flaw
2018-07-31 21:29:00
debiancve
debiancve
CVE-2016-8614
2018-07-31 21:29:00
ubuntucve
ubuntucve
CVE-2016-8614
2018-07-31 00:00:00
cvelist
cvelist
CVE-2016-8614
2018-07-31 21:00:00
nvd
nvd
CVE-2016-8614
2018-07-31 21:29:00
redhatcve
redhatcve
CVE-2016-8614
2016-11-01 15:47:53
github
github
Ansible apt_key module does not properly verify key fingerprint
2018-10-10 17:23:26
openvas
openvas
Fedora Update for ansible FEDORA-2016-3ccb098630
2016-12-07 00:00:00
Fedora Update for ansible FEDORA-2016-3113e71193
2016-12-02 00:00:00
Mageia: Security Advisory (MGASA-2017-0164)
2022-01-28 00:00:00
fedora
fedora
[SECURITY] Fedora 25 Update: ansible-2.2.0.0-3.fc25
2016-11-19 22:01:28
[SECURITY] Fedora 24 Update: ansible-2.2.0.0-3.fc24
2016-11-07 23:35:09
nessus
nessus
Fedora 25 : ansible (2016-3ccb098630)
2016-11-21 00:00:00
Fedora 24 : ansible (2016-3113e71193)
2016-11-08 00:00:00
openSUSE Security Update : ansible (openSUSE-2017-1259)
2017-11-13 00:00:00
mageia
mageia
Updated ansible packages fix security vulnerability
2017-06-10 10:01:18