| Max CVSS | 4.3 | Min CVSS | 1.9 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2013-4260 | 3.3 |
lib/ansible/playbook/__init__.py in Ansible 1.2.x before 1.2.3, when playbook does not run due to an error, allows local users to overwrite arbitrary files via a symlink attack on a retry file with a predictable name in /var/tmp/ansible/.
|
13-02-2023 - 04:45 | 16-09-2013 - 19:14 | |
| CVE-2013-4259 | 1.9 |
runner/connection_plugins/ssh.py in Ansible before 1.2.3, when using ControlPersist, allows local users to redirect a ssh session via a symlink attack on a socket file with a predictable name in /tmp/.
|
13-02-2023 - 04:45 | 16-09-2013 - 19:14 | |
| CVE-2015-3908 | 4.3 |
Ansible before 1.9.2 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary val
|
16-09-2019 - 15:15 | 12-08-2015 - 14:59 |