Max CVSS | 4.6 | Min CVSS | 2.1 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2019-3828 | 3.3 |
Ansible fetch module before versions 2.5.15, 2.6.14, 2.7.8 has a path traversal vulnerability which allows copying and overwriting files outside of the specified destination in the local ansible controller host, by not restricting an absolute path.
|
12-06-2023 - 07:15 | 27-03-2019 - 13:29 | |
CVE-2018-16876 | 3.5 |
ansible before versions 2.5.14, 2.6.11, 2.7.5 is vulnerable to a information disclosure flaw in vvv+ mode with no_log on that can lead to leakage of sensible data.
|
04-08-2021 - 17:15 | 03-01-2019 - 15:29 | |
CVE-2018-10875 | 4.6 |
A flaw was found in ansible. ansible.cfg is read from the current working directory which can be altered to make it point to a plugin or a module path under the control of an attacker, thus allowing the attacker to execute arbitrary code.
|
04-08-2021 - 17:14 | 13-07-2018 - 22:29 | |
CVE-2018-16837 | 2.1 |
Ansible "User" module leaks any data which is passed on as a parameter to ssh-keygen. This could lean in undesirable situations such as passphrases credentials passed as a parameter for the ssh-keygen executable. Showing those credentials in clear te
|
03-10-2019 - 00:03 | 23-10-2018 - 15:29 | |
CVE-2018-16859 | 2.1 |
Execution of Ansible playbooks on Windows platforms with PowerShell ScriptBlock logging and Module logging enabled can allow for 'become' passwords to appear in EventLogs in plaintext. A local user with administrator privileges on the machine can vie
|
03-04-2019 - 09:29 | 29-11-2018 - 18:29 |