| 0 |
| url |
VCID-257n-yc2z-hfe8 |
| vulnerability_id |
VCID-257n-yc2z-hfe8 |
| summary |
Ansible symlink attack vulnerability
An absolute path traversal attack exists in the Ansible automation platform. This flaw allows an attacker to craft a malicious Ansible role and make the victim execute the role. A symlink can be used to overwrite a file outside of the extraction path. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
|
| fixed_packages |
|
| aliases |
CVE-2023-5115, GHSA-jpvw-p8pr-9g2x
|
| risk_score |
2.9 |
| exploitability |
0.5 |
| weighted_severity |
5.7 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-257n-yc2z-hfe8 |
|
| 1 |
| url |
VCID-3jxq-kxnz-6bfh |
| vulnerability_id |
VCID-3jxq-kxnz-6bfh |
| summary |
A flaw was found in the Ansible Engine 2.9.18, where sensitive info is not masked by default and is not protected by the no_log feature when using the sub-option feature of the basic.py module. This flaw allows an attacker to obtain sensitive information. The highest threat from this vulnerability is to confidentiality. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
| reference_url |
https://github.com/ansible/ansible |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
7.5 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
|
| 1 |
| value |
8.7 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
HIGH |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/ansible/ansible |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/ansible@2.8.19rc1 |
| purl |
pkg:pypi/ansible@2.8.19rc1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 3 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 4 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 5 |
| vulnerability |
VCID-95kg-bk3s-g7gx |
|
| 6 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 7 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 8 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 9 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 10 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 11 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 12 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 13 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 14 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 15 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 16 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.19rc1 |
|
| 1 |
| url |
pkg:pypi/ansible@2.9.1 |
| purl |
pkg:pypi/ansible@2.9.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-4331-d5yy-uybc |
|
| 3 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 4 |
| vulnerability |
VCID-4tfv-snmv-bbax |
|
| 5 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 6 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 7 |
| vulnerability |
VCID-6hdk-ywcn-4qe4 |
|
| 8 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 9 |
| vulnerability |
VCID-7d8z-g99x-7qh2 |
|
| 10 |
| vulnerability |
VCID-95kg-bk3s-g7gx |
|
| 11 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 12 |
| vulnerability |
VCID-aq21-sp74-17gk |
|
| 13 |
| vulnerability |
VCID-axds-bd49-fbdj |
|
| 14 |
| vulnerability |
VCID-b423-t4kx-eqbq |
|
| 15 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 16 |
| vulnerability |
VCID-brft-snn6-guc8 |
|
| 17 |
| vulnerability |
VCID-bvsa-kz7r-zyea |
|
| 18 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 19 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 20 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 21 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 22 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 23 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 24 |
| vulnerability |
VCID-n2b8-e8fa-2ue1 |
|
| 25 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 26 |
| vulnerability |
VCID-p6cz-c9ah-c7cp |
|
| 27 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 28 |
| vulnerability |
VCID-rarq-tdjt-hff3 |
|
| 29 |
| vulnerability |
VCID-rnub-zmb6-5yhw |
|
| 30 |
| vulnerability |
VCID-tfhg-gzz2-7qc5 |
|
| 31 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
| 32 |
| vulnerability |
VCID-xpfd-zdry-euh5 |
|
| 33 |
| vulnerability |
VCID-ydka-2etb-hue9 |
|
| 34 |
| vulnerability |
VCID-zjct-yufk-jkdg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.1 |
|
| 2 |
| url |
pkg:pypi/ansible@2.9.18rc1 |
| purl |
pkg:pypi/ansible@2.9.18rc1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 3 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 4 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 5 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 6 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 7 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 8 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 9 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 10 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 11 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 12 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 13 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 14 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.18rc1 |
|
| 3 |
|
| 4 |
|
| 5 |
|
|
| aliases |
CVE-2021-20228, GHSA-5rrg-rr89-x9mv, PYSEC-2021-1
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-3jxq-kxnz-6bfh |
|
| 2 |
| url |
VCID-4331-d5yy-uybc |
| vulnerability_id |
VCID-4331-d5yy-uybc |
| summary |
A race condition flaw was found in Ansible Engine 2.7.17 and prior, 2.8.9 and prior, 2.9.6 and prior when running a playbook with an unprivileged become user. When Ansible needs to run a module with become user, the temporary directory is created in /var/tmp. This directory is created with "umask 77 && mkdir -p <dir>"; this operation does not fail if the directory already exists and is owned by another user. An attacker could take advantage to gain control of the become user as the target directory can be retrieved by iterating '/proc/<pid>/cmdline'. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
| reference_url |
https://github.com/ansible/ansible |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
5.0 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L |
|
| 1 |
| value |
1.0 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L |
|
| 2 |
| value |
LOW |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/ansible/ansible |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
|
| 44 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/ansible@2.7.17 |
| purl |
pkg:pypi/ansible@2.7.17 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 3 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 4 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 5 |
| vulnerability |
VCID-6hdk-ywcn-4qe4 |
|
| 6 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 7 |
| vulnerability |
VCID-95kg-bk3s-g7gx |
|
| 8 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 9 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 10 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 11 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 12 |
| vulnerability |
VCID-gnq4-v5a7-m3ew |
|
| 13 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 14 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 15 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 16 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 17 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 18 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 19 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
| 20 |
| vulnerability |
VCID-zcmk-4k97-kkd9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.7.17 |
|
| 1 |
| url |
pkg:pypi/ansible@2.8.8 |
| purl |
pkg:pypi/ansible@2.8.8 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-4331-d5yy-uybc |
|
| 3 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 4 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 5 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 6 |
| vulnerability |
VCID-6hdk-ywcn-4qe4 |
|
| 7 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 8 |
| vulnerability |
VCID-7d8z-g99x-7qh2 |
|
| 9 |
| vulnerability |
VCID-95kg-bk3s-g7gx |
|
| 10 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 11 |
| vulnerability |
VCID-b423-t4kx-eqbq |
|
| 12 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 13 |
| vulnerability |
VCID-brft-snn6-guc8 |
|
| 14 |
| vulnerability |
VCID-bvsa-kz7r-zyea |
|
| 15 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 16 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 17 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 18 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 19 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 20 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 21 |
| vulnerability |
VCID-n2b8-e8fa-2ue1 |
|
| 22 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 23 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 24 |
| vulnerability |
VCID-rarq-tdjt-hff3 |
|
| 25 |
| vulnerability |
VCID-rnub-zmb6-5yhw |
|
| 26 |
| vulnerability |
VCID-tfhg-gzz2-7qc5 |
|
| 27 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
| 28 |
| vulnerability |
VCID-xpfd-zdry-euh5 |
|
| 29 |
| vulnerability |
VCID-zjct-yufk-jkdg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.8 |
|
| 2 |
| url |
pkg:pypi/ansible@2.8.11 |
| purl |
pkg:pypi/ansible@2.8.11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 3 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 4 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 5 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 6 |
| vulnerability |
VCID-7d8z-g99x-7qh2 |
|
| 7 |
| vulnerability |
VCID-95kg-bk3s-g7gx |
|
| 8 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 9 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 10 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 11 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 12 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 13 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 14 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 15 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 16 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 17 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 18 |
| vulnerability |
VCID-tfhg-gzz2-7qc5 |
|
| 19 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.11 |
|
| 3 |
| url |
pkg:pypi/ansible@2.9.6 |
| purl |
pkg:pypi/ansible@2.9.6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-4331-d5yy-uybc |
|
| 3 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 4 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 5 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 6 |
| vulnerability |
VCID-6hdk-ywcn-4qe4 |
|
| 7 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 8 |
| vulnerability |
VCID-7d8z-g99x-7qh2 |
|
| 9 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 10 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 11 |
| vulnerability |
VCID-bvsa-kz7r-zyea |
|
| 12 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 13 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 14 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 15 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 16 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 17 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 18 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 19 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 20 |
| vulnerability |
VCID-rarq-tdjt-hff3 |
|
| 21 |
| vulnerability |
VCID-tfhg-gzz2-7qc5 |
|
| 22 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
| 23 |
| vulnerability |
VCID-xpfd-zdry-euh5 |
|
| 24 |
| vulnerability |
VCID-ydka-2etb-hue9 |
|
| 25 |
| vulnerability |
VCID-zjct-yufk-jkdg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.6 |
|
| 4 |
| url |
pkg:pypi/ansible@2.9.7 |
| purl |
pkg:pypi/ansible@2.9.7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 3 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 4 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 5 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 6 |
| vulnerability |
VCID-7d8z-g99x-7qh2 |
|
| 7 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 8 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 9 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 10 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 11 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 12 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 13 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 14 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 15 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 16 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 17 |
| vulnerability |
VCID-tfhg-gzz2-7qc5 |
|
| 18 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.7 |
|
|
| aliases |
CVE-2020-1733, GHSA-g4mq-6fp5-qwcf, PYSEC-2020-5
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-4331-d5yy-uybc |
|
| 3 |
| url |
VCID-46yu-yqv4-1ugb |
| vulnerability_id |
VCID-46yu-yqv4-1ugb |
| summary |
In Ansible, all Ansible Engine versions up to ansible-engine 2.8.5, ansible-engine 2.7.13, ansible-engine 2.6.19, were logging at the DEBUG level which lead to a disclosure of credentials if a plugin used a library that logged credentials at the DEBUG level. This flaw does not affect Ansible modules, as those are executed in a separate process. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/ansible@2.6.20 |
| purl |
pkg:pypi/ansible@2.6.20 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-4331-d5yy-uybc |
|
| 3 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 4 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 5 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 6 |
| vulnerability |
VCID-6hdk-ywcn-4qe4 |
|
| 7 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 8 |
| vulnerability |
VCID-95kg-bk3s-g7gx |
|
| 9 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 10 |
| vulnerability |
VCID-axds-bd49-fbdj |
|
| 11 |
| vulnerability |
VCID-b423-t4kx-eqbq |
|
| 12 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 13 |
| vulnerability |
VCID-brft-snn6-guc8 |
|
| 14 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 15 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 16 |
| vulnerability |
VCID-gnq4-v5a7-m3ew |
|
| 17 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 18 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 19 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 20 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 21 |
| vulnerability |
VCID-n2b8-e8fa-2ue1 |
|
| 22 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 23 |
| vulnerability |
VCID-p6cz-c9ah-c7cp |
|
| 24 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 25 |
| vulnerability |
VCID-rarq-tdjt-hff3 |
|
| 26 |
| vulnerability |
VCID-rnub-zmb6-5yhw |
|
| 27 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.6.20 |
|
| 1 |
| url |
pkg:pypi/ansible@2.7.14 |
| purl |
pkg:pypi/ansible@2.7.14 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-4331-d5yy-uybc |
|
| 3 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 4 |
| vulnerability |
VCID-4tfv-snmv-bbax |
|
| 5 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 6 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 7 |
| vulnerability |
VCID-6hdk-ywcn-4qe4 |
|
| 8 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 9 |
| vulnerability |
VCID-95kg-bk3s-g7gx |
|
| 10 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 11 |
| vulnerability |
VCID-aq21-sp74-17gk |
|
| 12 |
| vulnerability |
VCID-axds-bd49-fbdj |
|
| 13 |
| vulnerability |
VCID-b423-t4kx-eqbq |
|
| 14 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 15 |
| vulnerability |
VCID-brft-snn6-guc8 |
|
| 16 |
| vulnerability |
VCID-bvsa-kz7r-zyea |
|
| 17 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 18 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 19 |
| vulnerability |
VCID-gnq4-v5a7-m3ew |
|
| 20 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 21 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 22 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 23 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 24 |
| vulnerability |
VCID-n2b8-e8fa-2ue1 |
|
| 25 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 26 |
| vulnerability |
VCID-p6cz-c9ah-c7cp |
|
| 27 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 28 |
| vulnerability |
VCID-rarq-tdjt-hff3 |
|
| 29 |
| vulnerability |
VCID-rnub-zmb6-5yhw |
|
| 30 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
| 31 |
| vulnerability |
VCID-vctt-ev3n-zkf8 |
|
| 32 |
| vulnerability |
VCID-xpfd-zdry-euh5 |
|
| 33 |
| vulnerability |
VCID-zcmk-4k97-kkd9 |
|
| 34 |
| vulnerability |
VCID-zjct-yufk-jkdg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.7.14 |
|
| 2 |
| url |
pkg:pypi/ansible@2.8.6 |
| purl |
pkg:pypi/ansible@2.8.6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-4331-d5yy-uybc |
|
| 3 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 4 |
| vulnerability |
VCID-4tfv-snmv-bbax |
|
| 5 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 6 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 7 |
| vulnerability |
VCID-6hdk-ywcn-4qe4 |
|
| 8 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 9 |
| vulnerability |
VCID-7d8z-g99x-7qh2 |
|
| 10 |
| vulnerability |
VCID-95kg-bk3s-g7gx |
|
| 11 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 12 |
| vulnerability |
VCID-aq21-sp74-17gk |
|
| 13 |
| vulnerability |
VCID-axds-bd49-fbdj |
|
| 14 |
| vulnerability |
VCID-b423-t4kx-eqbq |
|
| 15 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 16 |
| vulnerability |
VCID-brft-snn6-guc8 |
|
| 17 |
| vulnerability |
VCID-bvsa-kz7r-zyea |
|
| 18 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 19 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 20 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 21 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 22 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 23 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 24 |
| vulnerability |
VCID-n2b8-e8fa-2ue1 |
|
| 25 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 26 |
| vulnerability |
VCID-p6cz-c9ah-c7cp |
|
| 27 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 28 |
| vulnerability |
VCID-rarq-tdjt-hff3 |
|
| 29 |
| vulnerability |
VCID-rnub-zmb6-5yhw |
|
| 30 |
| vulnerability |
VCID-tfhg-gzz2-7qc5 |
|
| 31 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
| 32 |
| vulnerability |
VCID-vctt-ev3n-zkf8 |
|
| 33 |
| vulnerability |
VCID-xpfd-zdry-euh5 |
|
| 34 |
| vulnerability |
VCID-zjct-yufk-jkdg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.6 |
|
|
| aliases |
PYSEC-2019-74
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-46yu-yqv4-1ugb |
|
| 4 |
| url |
VCID-49gh-wgmc-mfew |
| vulnerability_id |
VCID-49gh-wgmc-mfew |
| summary |
information disclosure |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/ansible@2.8.19 |
| purl |
pkg:pypi/ansible@2.8.19 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 3 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 4 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 5 |
| vulnerability |
VCID-95kg-bk3s-g7gx |
|
| 6 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 7 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 8 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 9 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 10 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 11 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 12 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 13 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 14 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 15 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.19 |
|
| 1 |
| url |
pkg:pypi/ansible@2.9.18 |
| purl |
pkg:pypi/ansible@2.9.18 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 3 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 4 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 5 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 6 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 7 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 8 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 9 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 10 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.18 |
|
|
| aliases |
CVE-2021-20180, GHSA-fh5v-5f35-2rv2
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-49gh-wgmc-mfew |
|
| 5 |
|
| 6 |
| url |
VCID-5r2p-dxtk-pkas |
| vulnerability_id |
VCID-5r2p-dxtk-pkas |
| summary |
Improper Neutralization of Special Elements Used in a Template Engine
A template injection flaw was found in Ansible where a user's controller internal templating operations may remove the unsafe designation from template data. This issue could allow an attacker to use a specially crafted file to introduce code injection when supplying templating data. |
| references |
| 0 |
| reference_url |
https://access.redhat.com/errata/RHSA-2023:7773 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
6.6 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N |
|
| 1 |
| value |
7.1 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T03:55:28Z/ |
|
|
| url |
https://access.redhat.com/errata/RHSA-2023:7773 |
|
| 1 |
|
| 2 |
|
| 3 |
| reference_url |
https://bugzilla.redhat.com/show_bug.cgi?id=2247629 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
6.6 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N |
|
| 1 |
| value |
7.1 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T03:55:28Z/ |
|
|
| url |
https://bugzilla.redhat.com/show_bug.cgi?id=2247629 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
| reference_url |
https://access.redhat.com/security/cve/CVE-2023-5764 |
| reference_id |
CVE-2023-5764 |
| reference_type |
|
| scores |
| 0 |
| value |
6.6 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N |
|
| 1 |
| value |
7.1 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T03:55:28Z/ |
|
|
| url |
https://access.redhat.com/security/cve/CVE-2023-5764 |
|
| 20 |
|
| 21 |
|
| 22 |
|
|
| fixed_packages |
|
| aliases |
CVE-2023-5764, GHSA-7j69-qfc3-2fq9
|
| risk_score |
3.2 |
| exploitability |
0.5 |
| weighted_severity |
6.4 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-5r2p-dxtk-pkas |
|
| 7 |
| url |
VCID-664v-ms96-jfd2 |
| vulnerability_id |
VCID-664v-ms96-jfd2 |
| summary |
Ansible before versions 2.3.1.0 and 2.4.0.0 fails to properly mark lookup-plugin results as unsafe. If an attacker could control the results of lookup() calls, they could inject Unicode strings to be parsed by the jinja2 templating system, resulting in code execution. By default, the jinja2 templating language is now marked as 'unsafe' and is not evaluated. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
| reference_url |
https://github.com/ansible/ansible |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
9.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
|
| 1 |
| value |
9.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N |
|
| 2 |
| value |
CRITICAL |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/ansible/ansible |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
| reference_url |
https://usn.ubuntu.com/4072-1 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
9.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
|
| 1 |
| value |
9.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N |
|
| 2 |
| value |
CRITICAL |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://usn.ubuntu.com/4072-1 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/ansible@2.3.1.0 |
| purl |
pkg:pypi/ansible@2.3.1.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-4331-d5yy-uybc |
|
| 3 |
| vulnerability |
VCID-46yu-yqv4-1ugb |
|
| 4 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 5 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 6 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 7 |
| vulnerability |
VCID-6hdk-ywcn-4qe4 |
|
| 8 |
| vulnerability |
VCID-6smx-ju23-8qes |
|
| 9 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 10 |
| vulnerability |
VCID-7f2g-zz9p-sufc |
|
| 11 |
| vulnerability |
VCID-826d-vdw1-dbaj |
|
| 12 |
| vulnerability |
VCID-95kg-bk3s-g7gx |
|
| 13 |
| vulnerability |
VCID-a79h-gfcm-13cq |
|
| 14 |
| vulnerability |
VCID-axds-bd49-fbdj |
|
| 15 |
| vulnerability |
VCID-b423-t4kx-eqbq |
|
| 16 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 17 |
| vulnerability |
VCID-bmq3-uckn-tfhk |
|
| 18 |
| vulnerability |
VCID-brft-snn6-guc8 |
|
| 19 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 20 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 21 |
| vulnerability |
VCID-gnq4-v5a7-m3ew |
|
| 22 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 23 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 24 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 25 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 26 |
| vulnerability |
VCID-n2b8-e8fa-2ue1 |
|
| 27 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 28 |
| vulnerability |
VCID-p6cz-c9ah-c7cp |
|
| 29 |
| vulnerability |
VCID-qbws-64b9-83fc |
|
| 30 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 31 |
| vulnerability |
VCID-rarq-tdjt-hff3 |
|
| 32 |
| vulnerability |
VCID-rnub-zmb6-5yhw |
|
| 33 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
| 34 |
| vulnerability |
VCID-xk7s-y611-mffc |
|
| 35 |
| vulnerability |
VCID-xn7b-vz2e-6qdh |
|
| 36 |
| vulnerability |
VCID-zcmk-4k97-kkd9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.3.1.0 |
|
| 1 |
| url |
pkg:pypi/ansible@2.4.0.0 |
| purl |
pkg:pypi/ansible@2.4.0.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-4331-d5yy-uybc |
|
| 3 |
| vulnerability |
VCID-46yu-yqv4-1ugb |
|
| 4 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 5 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 6 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 7 |
| vulnerability |
VCID-6hdk-ywcn-4qe4 |
|
| 8 |
| vulnerability |
VCID-6smx-ju23-8qes |
|
| 9 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 10 |
| vulnerability |
VCID-7f2g-zz9p-sufc |
|
| 11 |
| vulnerability |
VCID-826d-vdw1-dbaj |
|
| 12 |
| vulnerability |
VCID-95kg-bk3s-g7gx |
|
| 13 |
| vulnerability |
VCID-a79h-gfcm-13cq |
|
| 14 |
| vulnerability |
VCID-axds-bd49-fbdj |
|
| 15 |
| vulnerability |
VCID-b423-t4kx-eqbq |
|
| 16 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 17 |
| vulnerability |
VCID-bmq3-uckn-tfhk |
|
| 18 |
| vulnerability |
VCID-brft-snn6-guc8 |
|
| 19 |
| vulnerability |
VCID-ce7n-7xet-pyav |
|
| 20 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 21 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 22 |
| vulnerability |
VCID-gnq4-v5a7-m3ew |
|
| 23 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 24 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 25 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 26 |
| vulnerability |
VCID-kva6-sjfx-rbe3 |
|
| 27 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 28 |
| vulnerability |
VCID-n2b8-e8fa-2ue1 |
|
| 29 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 30 |
| vulnerability |
VCID-p6cz-c9ah-c7cp |
|
| 31 |
| vulnerability |
VCID-qbws-64b9-83fc |
|
| 32 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 33 |
| vulnerability |
VCID-rarq-tdjt-hff3 |
|
| 34 |
| vulnerability |
VCID-rnub-zmb6-5yhw |
|
| 35 |
| vulnerability |
VCID-smbs-h4tr-3qbv |
|
| 36 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
| 37 |
| vulnerability |
VCID-xk7s-y611-mffc |
|
| 38 |
| vulnerability |
VCID-xn7b-vz2e-6qdh |
|
| 39 |
| vulnerability |
VCID-zcmk-4k97-kkd9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.4.0.0 |
|
|
| aliases |
CVE-2017-7481, GHSA-w578-j992-554x, PYSEC-2018-41
|
| risk_score |
4.5 |
| exploitability |
0.5 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-664v-ms96-jfd2 |
|
| 8 |
| url |
VCID-6hdk-ywcn-4qe4 |
| vulnerability_id |
VCID-6hdk-ywcn-4qe4 |
| summary |
A security flaw was found in Ansible Engine, all Ansible 2.7.x versions prior to 2.7.17, all Ansible 2.8.x versions prior to 2.8.11 and all Ansible 2.9.x versions prior to 2.9.7, when managing kubernetes using the k8s module. Sensitive parameters such as passwords and tokens are passed to kubectl from the command line, not using an environment variable or an input configuration file. This will disclose passwords and tokens from process list and no_log directive from debug module would not have any effect making these secrets being disclosed on stdout and log files. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
| reference_url |
https://github.com/advisories/GHSA-86hp-cj9j-33vv |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
5.5 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
|
| 1 |
| value |
MODERATE |
| scoring_system |
cvssv3.1_qr |
| scoring_elements |
|
|
| 2 |
| value |
6.8 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N |
|
| 3 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/advisories/GHSA-86hp-cj9j-33vv |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/ansible@2.7.17 |
| purl |
pkg:pypi/ansible@2.7.17 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 3 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 4 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 5 |
| vulnerability |
VCID-6hdk-ywcn-4qe4 |
|
| 6 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 7 |
| vulnerability |
VCID-95kg-bk3s-g7gx |
|
| 8 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 9 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 10 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 11 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 12 |
| vulnerability |
VCID-gnq4-v5a7-m3ew |
|
| 13 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 14 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 15 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 16 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 17 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 18 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 19 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
| 20 |
| vulnerability |
VCID-zcmk-4k97-kkd9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.7.17 |
|
| 1 |
| url |
pkg:pypi/ansible@2.7.18 |
| purl |
pkg:pypi/ansible@2.7.18 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 3 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 4 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 5 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 6 |
| vulnerability |
VCID-95kg-bk3s-g7gx |
|
| 7 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 8 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 9 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 10 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 11 |
| vulnerability |
VCID-gnq4-v5a7-m3ew |
|
| 12 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 13 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 14 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 15 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 16 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 17 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 18 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
| 19 |
| vulnerability |
VCID-zcmk-4k97-kkd9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.7.18 |
|
| 2 |
| url |
pkg:pypi/ansible@2.8.0a1 |
| purl |
pkg:pypi/ansible@2.8.0a1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-4331-d5yy-uybc |
|
| 3 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 4 |
| vulnerability |
VCID-4tfv-snmv-bbax |
|
| 5 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 6 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 7 |
| vulnerability |
VCID-6hdk-ywcn-4qe4 |
|
| 8 |
| vulnerability |
VCID-6smx-ju23-8qes |
|
| 9 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 10 |
| vulnerability |
VCID-7d8z-g99x-7qh2 |
|
| 11 |
| vulnerability |
VCID-95kg-bk3s-g7gx |
|
| 12 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 13 |
| vulnerability |
VCID-aq21-sp74-17gk |
|
| 14 |
| vulnerability |
VCID-axds-bd49-fbdj |
|
| 15 |
| vulnerability |
VCID-b423-t4kx-eqbq |
|
| 16 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 17 |
| vulnerability |
VCID-brft-snn6-guc8 |
|
| 18 |
| vulnerability |
VCID-bvsa-kz7r-zyea |
|
| 19 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 20 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 21 |
| vulnerability |
VCID-gnq4-v5a7-m3ew |
|
| 22 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 23 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 24 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 25 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 26 |
| vulnerability |
VCID-mk3k-n9wn-q3ct |
|
| 27 |
| vulnerability |
VCID-n2b8-e8fa-2ue1 |
|
| 28 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 29 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 30 |
| vulnerability |
VCID-rarq-tdjt-hff3 |
|
| 31 |
| vulnerability |
VCID-rnub-zmb6-5yhw |
|
| 32 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
| 33 |
| vulnerability |
VCID-xn7b-vz2e-6qdh |
|
| 34 |
| vulnerability |
VCID-xpfd-zdry-euh5 |
|
| 35 |
| vulnerability |
VCID-zcmk-4k97-kkd9 |
|
| 36 |
| vulnerability |
VCID-zjct-yufk-jkdg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.0a1 |
|
| 3 |
| url |
pkg:pypi/ansible@2.8.9 |
| purl |
pkg:pypi/ansible@2.8.9 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-4331-d5yy-uybc |
|
| 3 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 4 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 5 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 6 |
| vulnerability |
VCID-6hdk-ywcn-4qe4 |
|
| 7 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 8 |
| vulnerability |
VCID-7d8z-g99x-7qh2 |
|
| 9 |
| vulnerability |
VCID-95kg-bk3s-g7gx |
|
| 10 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 11 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 12 |
| vulnerability |
VCID-bvsa-kz7r-zyea |
|
| 13 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 14 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 15 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 16 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 17 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 18 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 19 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 20 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 21 |
| vulnerability |
VCID-tfhg-gzz2-7qc5 |
|
| 22 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
| 23 |
| vulnerability |
VCID-xpfd-zdry-euh5 |
|
| 24 |
| vulnerability |
VCID-zjct-yufk-jkdg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.9 |
|
| 4 |
| url |
pkg:pypi/ansible@2.8.11 |
| purl |
pkg:pypi/ansible@2.8.11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 3 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 4 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 5 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 6 |
| vulnerability |
VCID-7d8z-g99x-7qh2 |
|
| 7 |
| vulnerability |
VCID-95kg-bk3s-g7gx |
|
| 8 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 9 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 10 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 11 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 12 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 13 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 14 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 15 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 16 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 17 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 18 |
| vulnerability |
VCID-tfhg-gzz2-7qc5 |
|
| 19 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.11 |
|
| 5 |
| url |
pkg:pypi/ansible@2.8.12 |
| purl |
pkg:pypi/ansible@2.8.12 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 3 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 4 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 5 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 6 |
| vulnerability |
VCID-7d8z-g99x-7qh2 |
|
| 7 |
| vulnerability |
VCID-95kg-bk3s-g7gx |
|
| 8 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 9 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 10 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 11 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 12 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 13 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 14 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 15 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 16 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 17 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 18 |
| vulnerability |
VCID-tfhg-gzz2-7qc5 |
|
| 19 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.12 |
|
| 6 |
| url |
pkg:pypi/ansible@2.9.6 |
| purl |
pkg:pypi/ansible@2.9.6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-4331-d5yy-uybc |
|
| 3 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 4 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 5 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 6 |
| vulnerability |
VCID-6hdk-ywcn-4qe4 |
|
| 7 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 8 |
| vulnerability |
VCID-7d8z-g99x-7qh2 |
|
| 9 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 10 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 11 |
| vulnerability |
VCID-bvsa-kz7r-zyea |
|
| 12 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 13 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 14 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 15 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 16 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 17 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 18 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 19 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 20 |
| vulnerability |
VCID-rarq-tdjt-hff3 |
|
| 21 |
| vulnerability |
VCID-tfhg-gzz2-7qc5 |
|
| 22 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
| 23 |
| vulnerability |
VCID-xpfd-zdry-euh5 |
|
| 24 |
| vulnerability |
VCID-ydka-2etb-hue9 |
|
| 25 |
| vulnerability |
VCID-zjct-yufk-jkdg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.6 |
|
| 7 |
| url |
pkg:pypi/ansible@2.9.7 |
| purl |
pkg:pypi/ansible@2.9.7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 3 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 4 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 5 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 6 |
| vulnerability |
VCID-7d8z-g99x-7qh2 |
|
| 7 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 8 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 9 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 10 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 11 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 12 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 13 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 14 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 15 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 16 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 17 |
| vulnerability |
VCID-tfhg-gzz2-7qc5 |
|
| 18 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.7 |
|
|
| aliases |
CVE-2020-1753, GHSA-86hp-cj9j-33vv, PYSEC-2020-210
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-6hdk-ywcn-4qe4 |
|
| 9 |
| url |
VCID-6smx-ju23-8qes |
| vulnerability_id |
VCID-6smx-ju23-8qes |
| summary |
In Ansible, all Ansible Engine versions up to ansible-engine 2.8.5, ansible-engine 2.7.13, ansible-engine 2.6.19, were logging at the DEBUG level which lead to a disclosure of credentials if a plugin used a library that logged credentials at the DEBUG level. This flaw does not affect Ansible modules, as those are executed in a separate process. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
| reference_url |
https://github.com/ansible/ansible |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
7.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
|
| 1 |
| value |
8.5 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N |
|
| 2 |
| value |
HIGH |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/ansible/ansible |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/ansible@2.6.20 |
| purl |
pkg:pypi/ansible@2.6.20 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-4331-d5yy-uybc |
|
| 3 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 4 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 5 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 6 |
| vulnerability |
VCID-6hdk-ywcn-4qe4 |
|
| 7 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 8 |
| vulnerability |
VCID-95kg-bk3s-g7gx |
|
| 9 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 10 |
| vulnerability |
VCID-axds-bd49-fbdj |
|
| 11 |
| vulnerability |
VCID-b423-t4kx-eqbq |
|
| 12 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 13 |
| vulnerability |
VCID-brft-snn6-guc8 |
|
| 14 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 15 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 16 |
| vulnerability |
VCID-gnq4-v5a7-m3ew |
|
| 17 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 18 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 19 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 20 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 21 |
| vulnerability |
VCID-n2b8-e8fa-2ue1 |
|
| 22 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 23 |
| vulnerability |
VCID-p6cz-c9ah-c7cp |
|
| 24 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 25 |
| vulnerability |
VCID-rarq-tdjt-hff3 |
|
| 26 |
| vulnerability |
VCID-rnub-zmb6-5yhw |
|
| 27 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.6.20 |
|
| 1 |
| url |
pkg:pypi/ansible@2.7.14 |
| purl |
pkg:pypi/ansible@2.7.14 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-4331-d5yy-uybc |
|
| 3 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 4 |
| vulnerability |
VCID-4tfv-snmv-bbax |
|
| 5 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 6 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 7 |
| vulnerability |
VCID-6hdk-ywcn-4qe4 |
|
| 8 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 9 |
| vulnerability |
VCID-95kg-bk3s-g7gx |
|
| 10 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 11 |
| vulnerability |
VCID-aq21-sp74-17gk |
|
| 12 |
| vulnerability |
VCID-axds-bd49-fbdj |
|
| 13 |
| vulnerability |
VCID-b423-t4kx-eqbq |
|
| 14 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 15 |
| vulnerability |
VCID-brft-snn6-guc8 |
|
| 16 |
| vulnerability |
VCID-bvsa-kz7r-zyea |
|
| 17 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 18 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 19 |
| vulnerability |
VCID-gnq4-v5a7-m3ew |
|
| 20 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 21 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 22 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 23 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 24 |
| vulnerability |
VCID-n2b8-e8fa-2ue1 |
|
| 25 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 26 |
| vulnerability |
VCID-p6cz-c9ah-c7cp |
|
| 27 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 28 |
| vulnerability |
VCID-rarq-tdjt-hff3 |
|
| 29 |
| vulnerability |
VCID-rnub-zmb6-5yhw |
|
| 30 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
| 31 |
| vulnerability |
VCID-vctt-ev3n-zkf8 |
|
| 32 |
| vulnerability |
VCID-xpfd-zdry-euh5 |
|
| 33 |
| vulnerability |
VCID-zcmk-4k97-kkd9 |
|
| 34 |
| vulnerability |
VCID-zjct-yufk-jkdg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.7.14 |
|
| 2 |
| url |
pkg:pypi/ansible@2.8.6 |
| purl |
pkg:pypi/ansible@2.8.6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-4331-d5yy-uybc |
|
| 3 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 4 |
| vulnerability |
VCID-4tfv-snmv-bbax |
|
| 5 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 6 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 7 |
| vulnerability |
VCID-6hdk-ywcn-4qe4 |
|
| 8 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 9 |
| vulnerability |
VCID-7d8z-g99x-7qh2 |
|
| 10 |
| vulnerability |
VCID-95kg-bk3s-g7gx |
|
| 11 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 12 |
| vulnerability |
VCID-aq21-sp74-17gk |
|
| 13 |
| vulnerability |
VCID-axds-bd49-fbdj |
|
| 14 |
| vulnerability |
VCID-b423-t4kx-eqbq |
|
| 15 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 16 |
| vulnerability |
VCID-brft-snn6-guc8 |
|
| 17 |
| vulnerability |
VCID-bvsa-kz7r-zyea |
|
| 18 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 19 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 20 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 21 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 22 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 23 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 24 |
| vulnerability |
VCID-n2b8-e8fa-2ue1 |
|
| 25 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 26 |
| vulnerability |
VCID-p6cz-c9ah-c7cp |
|
| 27 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 28 |
| vulnerability |
VCID-rarq-tdjt-hff3 |
|
| 29 |
| vulnerability |
VCID-rnub-zmb6-5yhw |
|
| 30 |
| vulnerability |
VCID-tfhg-gzz2-7qc5 |
|
| 31 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
| 32 |
| vulnerability |
VCID-vctt-ev3n-zkf8 |
|
| 33 |
| vulnerability |
VCID-xpfd-zdry-euh5 |
|
| 34 |
| vulnerability |
VCID-zjct-yufk-jkdg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.6 |
|
| 3 |
| url |
pkg:pypi/ansible@2.9.0b1 |
| purl |
pkg:pypi/ansible@2.9.0b1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-4331-d5yy-uybc |
|
| 3 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 4 |
| vulnerability |
VCID-4tfv-snmv-bbax |
|
| 5 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 6 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 7 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 8 |
| vulnerability |
VCID-7d8z-g99x-7qh2 |
|
| 9 |
| vulnerability |
VCID-95kg-bk3s-g7gx |
|
| 10 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 11 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 12 |
| vulnerability |
VCID-bvsa-kz7r-zyea |
|
| 13 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 14 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 15 |
| vulnerability |
VCID-gnq4-v5a7-m3ew |
|
| 16 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 17 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 18 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 19 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 20 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 21 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 22 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
| 23 |
| vulnerability |
VCID-zjct-yufk-jkdg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.0b1 |
|
|
| aliases |
CVE-2019-14846, GHSA-pm48-cvv2-29q5, PYSEC-2019-4
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-6smx-ju23-8qes |
|
| 10 |
| url |
VCID-6swz-79ue-bbef |
| vulnerability_id |
VCID-6swz-79ue-bbef |
| summary |
A flaw was found in the pipe lookup plugin of ansible. Arbitrary commands can be run, when the pipe lookup plugin uses subprocess.Popen() with shell=True, by overwriting ansible facts and the variable is not escaped by quote plugin. An attacker could take advantage and run arbitrary commands by overwriting the ansible facts. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
| reference_url |
https://github.com/ansible/ansible |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
7.4 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L |
|
| 1 |
| value |
8.5 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:L/SC:H/SI:H/SA:L |
|
| 2 |
| value |
HIGH |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/ansible/ansible |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/ansible@2.7.17 |
| purl |
pkg:pypi/ansible@2.7.17 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 3 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 4 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 5 |
| vulnerability |
VCID-6hdk-ywcn-4qe4 |
|
| 6 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 7 |
| vulnerability |
VCID-95kg-bk3s-g7gx |
|
| 8 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 9 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 10 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 11 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 12 |
| vulnerability |
VCID-gnq4-v5a7-m3ew |
|
| 13 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 14 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 15 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 16 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 17 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 18 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 19 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
| 20 |
| vulnerability |
VCID-zcmk-4k97-kkd9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.7.17 |
|
| 1 |
| url |
pkg:pypi/ansible@2.8.13 |
| purl |
pkg:pypi/ansible@2.8.13 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 3 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 4 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 5 |
| vulnerability |
VCID-7d8z-g99x-7qh2 |
|
| 6 |
| vulnerability |
VCID-95kg-bk3s-g7gx |
|
| 7 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 8 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 9 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 10 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 11 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 12 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 13 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 14 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 15 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 16 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 17 |
| vulnerability |
VCID-tfhg-gzz2-7qc5 |
|
| 18 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.13 |
|
| 2 |
| url |
pkg:pypi/ansible@2.9.11 |
| purl |
pkg:pypi/ansible@2.9.11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 3 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 4 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 5 |
| vulnerability |
VCID-7d8z-g99x-7qh2 |
|
| 6 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 7 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 8 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 9 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 10 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 11 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 12 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 13 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 14 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 15 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 16 |
| vulnerability |
VCID-tfhg-gzz2-7qc5 |
|
| 17 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.11 |
|
| 3 |
|
|
| aliases |
CVE-2020-1734, GHSA-h39q-95q5-9jfp, PYSEC-2020-6
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-6swz-79ue-bbef |
|
| 11 |
| url |
VCID-7f2g-zz9p-sufc |
| vulnerability_id |
VCID-7f2g-zz9p-sufc |
| summary |
ansible before versions 2.5.14, 2.6.11, 2.7.5 is vulnerable to a information disclosure flaw in vvv+ mode with no_log on that can lead to leakage of sensible data. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
| reference_url |
https://github.com/ansible/ansible |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
5.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N |
|
| 1 |
| value |
8.2 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
HIGH |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/ansible/ansible |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
| reference_url |
https://usn.ubuntu.com/4072-1 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
5.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N |
|
| 1 |
| value |
8.2 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
HIGH |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://usn.ubuntu.com/4072-1 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/ansible@2.5.14 |
| purl |
pkg:pypi/ansible@2.5.14 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-3v1a-j6eq-57dk |
|
| 3 |
| vulnerability |
VCID-4331-d5yy-uybc |
|
| 4 |
| vulnerability |
VCID-46yu-yqv4-1ugb |
|
| 5 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 6 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 7 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 8 |
| vulnerability |
VCID-6hdk-ywcn-4qe4 |
|
| 9 |
| vulnerability |
VCID-6smx-ju23-8qes |
|
| 10 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 11 |
| vulnerability |
VCID-95kg-bk3s-g7gx |
|
| 12 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 13 |
| vulnerability |
VCID-axds-bd49-fbdj |
|
| 14 |
| vulnerability |
VCID-b423-t4kx-eqbq |
|
| 15 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 16 |
| vulnerability |
VCID-bmq3-uckn-tfhk |
|
| 17 |
| vulnerability |
VCID-brft-snn6-guc8 |
|
| 18 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 19 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 20 |
| vulnerability |
VCID-gnq4-v5a7-m3ew |
|
| 21 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 22 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 23 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 24 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 25 |
| vulnerability |
VCID-n2b8-e8fa-2ue1 |
|
| 26 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 27 |
| vulnerability |
VCID-p6cz-c9ah-c7cp |
|
| 28 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 29 |
| vulnerability |
VCID-rarq-tdjt-hff3 |
|
| 30 |
| vulnerability |
VCID-rnub-zmb6-5yhw |
|
| 31 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
| 32 |
| vulnerability |
VCID-xk7s-y611-mffc |
|
| 33 |
| vulnerability |
VCID-xn7b-vz2e-6qdh |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.5.14 |
|
| 1 |
| url |
pkg:pypi/ansible@2.6.11 |
| purl |
pkg:pypi/ansible@2.6.11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-39vn-b7y4-v3ez |
|
| 2 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 3 |
| vulnerability |
VCID-3v1a-j6eq-57dk |
|
| 4 |
| vulnerability |
VCID-4331-d5yy-uybc |
|
| 5 |
| vulnerability |
VCID-46yu-yqv4-1ugb |
|
| 6 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 7 |
| vulnerability |
VCID-52zf-mjec-f3d5 |
|
| 8 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 9 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 10 |
| vulnerability |
VCID-6hdk-ywcn-4qe4 |
|
| 11 |
| vulnerability |
VCID-6smx-ju23-8qes |
|
| 12 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 13 |
| vulnerability |
VCID-95kg-bk3s-g7gx |
|
| 14 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 15 |
| vulnerability |
VCID-axds-bd49-fbdj |
|
| 16 |
| vulnerability |
VCID-b423-t4kx-eqbq |
|
| 17 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 18 |
| vulnerability |
VCID-bmq3-uckn-tfhk |
|
| 19 |
| vulnerability |
VCID-brft-snn6-guc8 |
|
| 20 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 21 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 22 |
| vulnerability |
VCID-gnq4-v5a7-m3ew |
|
| 23 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 24 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 25 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 26 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 27 |
| vulnerability |
VCID-n2b8-e8fa-2ue1 |
|
| 28 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 29 |
| vulnerability |
VCID-p6cz-c9ah-c7cp |
|
| 30 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 31 |
| vulnerability |
VCID-rarq-tdjt-hff3 |
|
| 32 |
| vulnerability |
VCID-rnub-zmb6-5yhw |
|
| 33 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
| 34 |
| vulnerability |
VCID-xk7s-y611-mffc |
|
| 35 |
| vulnerability |
VCID-xn7b-vz2e-6qdh |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.6.11 |
|
| 2 |
| url |
pkg:pypi/ansible@2.7.5 |
| purl |
pkg:pypi/ansible@2.7.5 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-39vn-b7y4-v3ez |
|
| 2 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 3 |
| vulnerability |
VCID-3v1a-j6eq-57dk |
|
| 4 |
| vulnerability |
VCID-4331-d5yy-uybc |
|
| 5 |
| vulnerability |
VCID-46yu-yqv4-1ugb |
|
| 6 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 7 |
| vulnerability |
VCID-4tfv-snmv-bbax |
|
| 8 |
| vulnerability |
VCID-52zf-mjec-f3d5 |
|
| 9 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 10 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 11 |
| vulnerability |
VCID-6hdk-ywcn-4qe4 |
|
| 12 |
| vulnerability |
VCID-6smx-ju23-8qes |
|
| 13 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 14 |
| vulnerability |
VCID-95kg-bk3s-g7gx |
|
| 15 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 16 |
| vulnerability |
VCID-aq21-sp74-17gk |
|
| 17 |
| vulnerability |
VCID-axds-bd49-fbdj |
|
| 18 |
| vulnerability |
VCID-b423-t4kx-eqbq |
|
| 19 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 20 |
| vulnerability |
VCID-bmq3-uckn-tfhk |
|
| 21 |
| vulnerability |
VCID-brft-snn6-guc8 |
|
| 22 |
| vulnerability |
VCID-bvsa-kz7r-zyea |
|
| 23 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 24 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 25 |
| vulnerability |
VCID-gnq4-v5a7-m3ew |
|
| 26 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 27 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 28 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 29 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 30 |
| vulnerability |
VCID-n2b8-e8fa-2ue1 |
|
| 31 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 32 |
| vulnerability |
VCID-p6cz-c9ah-c7cp |
|
| 33 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 34 |
| vulnerability |
VCID-rarq-tdjt-hff3 |
|
| 35 |
| vulnerability |
VCID-rnub-zmb6-5yhw |
|
| 36 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
| 37 |
| vulnerability |
VCID-vctt-ev3n-zkf8 |
|
| 38 |
| vulnerability |
VCID-xk7s-y611-mffc |
|
| 39 |
| vulnerability |
VCID-xn7b-vz2e-6qdh |
|
| 40 |
| vulnerability |
VCID-xpfd-zdry-euh5 |
|
| 41 |
| vulnerability |
VCID-zcmk-4k97-kkd9 |
|
| 42 |
| vulnerability |
VCID-zjct-yufk-jkdg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.7.5 |
|
|
| aliases |
CVE-2018-16876, GHSA-j569-fghw-f9rx, PYSEC-2019-141
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-7f2g-zz9p-sufc |
|
| 12 |
| url |
VCID-826d-vdw1-dbaj |
| vulnerability_id |
VCID-826d-vdw1-dbaj |
| summary |
Ansible "User" module leaks any data which is passed on as a parameter to ssh-keygen. This could lean in undesirable situations such as passphrases credentials passed as a parameter for the ssh-keygen executable. Showing those credentials in clear text form for every user which have access just to the process list. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
| reference_url |
https://github.com/ansible/ansible |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
7.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
|
| 1 |
| value |
8.5 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N |
|
| 2 |
| value |
HIGH |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/ansible/ansible |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
| reference_url |
https://usn.ubuntu.com/4072-1 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
7.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
|
| 1 |
| value |
8.5 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N |
|
| 2 |
| value |
HIGH |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://usn.ubuntu.com/4072-1 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/ansible@2.5.11 |
| purl |
pkg:pypi/ansible@2.5.11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-3v1a-j6eq-57dk |
|
| 3 |
| vulnerability |
VCID-4331-d5yy-uybc |
|
| 4 |
| vulnerability |
VCID-46yu-yqv4-1ugb |
|
| 5 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 6 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 7 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 8 |
| vulnerability |
VCID-6hdk-ywcn-4qe4 |
|
| 9 |
| vulnerability |
VCID-6smx-ju23-8qes |
|
| 10 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 11 |
| vulnerability |
VCID-7f2g-zz9p-sufc |
|
| 12 |
| vulnerability |
VCID-95kg-bk3s-g7gx |
|
| 13 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 14 |
| vulnerability |
VCID-axds-bd49-fbdj |
|
| 15 |
| vulnerability |
VCID-b423-t4kx-eqbq |
|
| 16 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 17 |
| vulnerability |
VCID-bmq3-uckn-tfhk |
|
| 18 |
| vulnerability |
VCID-brft-snn6-guc8 |
|
| 19 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 20 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 21 |
| vulnerability |
VCID-gnq4-v5a7-m3ew |
|
| 22 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 23 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 24 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 25 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 26 |
| vulnerability |
VCID-n2b8-e8fa-2ue1 |
|
| 27 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 28 |
| vulnerability |
VCID-p6cz-c9ah-c7cp |
|
| 29 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 30 |
| vulnerability |
VCID-rarq-tdjt-hff3 |
|
| 31 |
| vulnerability |
VCID-rnub-zmb6-5yhw |
|
| 32 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
| 33 |
| vulnerability |
VCID-xk7s-y611-mffc |
|
| 34 |
| vulnerability |
VCID-xn7b-vz2e-6qdh |
|
| 35 |
| vulnerability |
VCID-zcmk-4k97-kkd9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.5.11 |
|
| 1 |
| url |
pkg:pypi/ansible@2.6.7 |
| purl |
pkg:pypi/ansible@2.6.7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-39vn-b7y4-v3ez |
|
| 2 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 3 |
| vulnerability |
VCID-3v1a-j6eq-57dk |
|
| 4 |
| vulnerability |
VCID-4331-d5yy-uybc |
|
| 5 |
| vulnerability |
VCID-46yu-yqv4-1ugb |
|
| 6 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 7 |
| vulnerability |
VCID-52zf-mjec-f3d5 |
|
| 8 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 9 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 10 |
| vulnerability |
VCID-6hdk-ywcn-4qe4 |
|
| 11 |
| vulnerability |
VCID-6smx-ju23-8qes |
|
| 12 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 13 |
| vulnerability |
VCID-7f2g-zz9p-sufc |
|
| 14 |
| vulnerability |
VCID-95kg-bk3s-g7gx |
|
| 15 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 16 |
| vulnerability |
VCID-axds-bd49-fbdj |
|
| 17 |
| vulnerability |
VCID-b423-t4kx-eqbq |
|
| 18 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 19 |
| vulnerability |
VCID-bmq3-uckn-tfhk |
|
| 20 |
| vulnerability |
VCID-brft-snn6-guc8 |
|
| 21 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 22 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 23 |
| vulnerability |
VCID-gnq4-v5a7-m3ew |
|
| 24 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 25 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 26 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 27 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 28 |
| vulnerability |
VCID-n2b8-e8fa-2ue1 |
|
| 29 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 30 |
| vulnerability |
VCID-p6cz-c9ah-c7cp |
|
| 31 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 32 |
| vulnerability |
VCID-rarq-tdjt-hff3 |
|
| 33 |
| vulnerability |
VCID-rnub-zmb6-5yhw |
|
| 34 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
| 35 |
| vulnerability |
VCID-xk7s-y611-mffc |
|
| 36 |
| vulnerability |
VCID-xn7b-vz2e-6qdh |
|
| 37 |
| vulnerability |
VCID-zcmk-4k97-kkd9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.6.7 |
|
| 2 |
| url |
pkg:pypi/ansible@2.7.1 |
| purl |
pkg:pypi/ansible@2.7.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-39vn-b7y4-v3ez |
|
| 2 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 3 |
| vulnerability |
VCID-3v1a-j6eq-57dk |
|
| 4 |
| vulnerability |
VCID-4331-d5yy-uybc |
|
| 5 |
| vulnerability |
VCID-46yu-yqv4-1ugb |
|
| 6 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 7 |
| vulnerability |
VCID-4tfv-snmv-bbax |
|
| 8 |
| vulnerability |
VCID-52zf-mjec-f3d5 |
|
| 9 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 10 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 11 |
| vulnerability |
VCID-6hdk-ywcn-4qe4 |
|
| 12 |
| vulnerability |
VCID-6smx-ju23-8qes |
|
| 13 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 14 |
| vulnerability |
VCID-7f2g-zz9p-sufc |
|
| 15 |
| vulnerability |
VCID-95kg-bk3s-g7gx |
|
| 16 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 17 |
| vulnerability |
VCID-aq21-sp74-17gk |
|
| 18 |
| vulnerability |
VCID-axds-bd49-fbdj |
|
| 19 |
| vulnerability |
VCID-b423-t4kx-eqbq |
|
| 20 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 21 |
| vulnerability |
VCID-bmq3-uckn-tfhk |
|
| 22 |
| vulnerability |
VCID-brft-snn6-guc8 |
|
| 23 |
| vulnerability |
VCID-bvsa-kz7r-zyea |
|
| 24 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 25 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 26 |
| vulnerability |
VCID-gnq4-v5a7-m3ew |
|
| 27 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 28 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 29 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 30 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 31 |
| vulnerability |
VCID-n2b8-e8fa-2ue1 |
|
| 32 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 33 |
| vulnerability |
VCID-p6cz-c9ah-c7cp |
|
| 34 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 35 |
| vulnerability |
VCID-rarq-tdjt-hff3 |
|
| 36 |
| vulnerability |
VCID-rnub-zmb6-5yhw |
|
| 37 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
| 38 |
| vulnerability |
VCID-vctt-ev3n-zkf8 |
|
| 39 |
| vulnerability |
VCID-xk7s-y611-mffc |
|
| 40 |
| vulnerability |
VCID-xn7b-vz2e-6qdh |
|
| 41 |
| vulnerability |
VCID-xpfd-zdry-euh5 |
|
| 42 |
| vulnerability |
VCID-zcmk-4k97-kkd9 |
|
| 43 |
| vulnerability |
VCID-zjct-yufk-jkdg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.7.1 |
|
|
| aliases |
CVE-2018-16837, GHSA-hwrm-63v2-42g4, PYSEC-2018-44
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-826d-vdw1-dbaj |
|
| 13 |
| url |
VCID-95kg-bk3s-g7gx |
| vulnerability_id |
VCID-95kg-bk3s-g7gx |
| summary |
A flaw was found in the use of insufficiently random values in Ansible. Two random password lookups of the same length generate the equal value as the template caching action for the same file since no re-evaluation happens. The highest threat from this vulnerability would be that all passwords are exposed at once for the file. This flaw affects Ansible Engine versions before 2.9.6. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
| reference_url |
https://github.com/advisories/GHSA-r6h7-5pq2-j77h |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
5.0 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N |
|
| 1 |
| value |
MODERATE |
| scoring_system |
cvssv3.1_qr |
| scoring_elements |
|
|
| 2 |
| value |
5.1 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N |
|
| 3 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/advisories/GHSA-r6h7-5pq2-j77h |
|
| 23 |
| reference_url |
https://github.com/ansible/ansible |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
5.0 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N |
|
| 1 |
| value |
5.1 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/ansible/ansible |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/ansible@2.9.6 |
| purl |
pkg:pypi/ansible@2.9.6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-4331-d5yy-uybc |
|
| 3 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 4 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 5 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 6 |
| vulnerability |
VCID-6hdk-ywcn-4qe4 |
|
| 7 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 8 |
| vulnerability |
VCID-7d8z-g99x-7qh2 |
|
| 9 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 10 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 11 |
| vulnerability |
VCID-bvsa-kz7r-zyea |
|
| 12 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 13 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 14 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 15 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 16 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 17 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 18 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 19 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 20 |
| vulnerability |
VCID-rarq-tdjt-hff3 |
|
| 21 |
| vulnerability |
VCID-tfhg-gzz2-7qc5 |
|
| 22 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
| 23 |
| vulnerability |
VCID-xpfd-zdry-euh5 |
|
| 24 |
| vulnerability |
VCID-ydka-2etb-hue9 |
|
| 25 |
| vulnerability |
VCID-zjct-yufk-jkdg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.6 |
|
|
| aliases |
CVE-2020-10729, GHSA-r6h7-5pq2-j77h, PYSEC-2021-105
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-95kg-bk3s-g7gx |
|
| 14 |
| url |
VCID-axds-bd49-fbdj |
| vulnerability_id |
VCID-axds-bd49-fbdj |
| summary |
A flaw was found in the solaris_zone module from the Ansible Community modules. When setting the name for the zone on the Solaris host, the zone name is checked by listing the process with the 'ps' bare command on the remote machine. An attacker could take advantage of this flaw by crafting the name of the zone and executing arbitrary commands in the remote host. Ansible Engine 2.7.15, 2.8.7, and 2.9.2 as well as previous versions are affected. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
| reference_url |
https://github.com/ansible/ansible |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
7.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:L |
|
| 1 |
| value |
8.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:L/VA:L/SC:H/SI:L/SA:L |
|
| 2 |
| value |
HIGH |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/ansible/ansible |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/ansible@2.7.15 |
| purl |
pkg:pypi/ansible@2.7.15 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-4331-d5yy-uybc |
|
| 3 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 4 |
| vulnerability |
VCID-4tfv-snmv-bbax |
|
| 5 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 6 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 7 |
| vulnerability |
VCID-6hdk-ywcn-4qe4 |
|
| 8 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 9 |
| vulnerability |
VCID-95kg-bk3s-g7gx |
|
| 10 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 11 |
| vulnerability |
VCID-aq21-sp74-17gk |
|
| 12 |
| vulnerability |
VCID-b423-t4kx-eqbq |
|
| 13 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 14 |
| vulnerability |
VCID-brft-snn6-guc8 |
|
| 15 |
| vulnerability |
VCID-bvsa-kz7r-zyea |
|
| 16 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 17 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 18 |
| vulnerability |
VCID-gnq4-v5a7-m3ew |
|
| 19 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 20 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 21 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 22 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 23 |
| vulnerability |
VCID-n2b8-e8fa-2ue1 |
|
| 24 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 25 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 26 |
| vulnerability |
VCID-rarq-tdjt-hff3 |
|
| 27 |
| vulnerability |
VCID-rnub-zmb6-5yhw |
|
| 28 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
| 29 |
| vulnerability |
VCID-xpfd-zdry-euh5 |
|
| 30 |
| vulnerability |
VCID-zcmk-4k97-kkd9 |
|
| 31 |
| vulnerability |
VCID-zjct-yufk-jkdg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.7.15 |
|
| 1 |
| url |
pkg:pypi/ansible@2.7.16 |
| purl |
pkg:pypi/ansible@2.7.16 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-4331-d5yy-uybc |
|
| 3 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 4 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 5 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 6 |
| vulnerability |
VCID-6hdk-ywcn-4qe4 |
|
| 7 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 8 |
| vulnerability |
VCID-95kg-bk3s-g7gx |
|
| 9 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 10 |
| vulnerability |
VCID-b423-t4kx-eqbq |
|
| 11 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 12 |
| vulnerability |
VCID-brft-snn6-guc8 |
|
| 13 |
| vulnerability |
VCID-bvsa-kz7r-zyea |
|
| 14 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 15 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 16 |
| vulnerability |
VCID-gnq4-v5a7-m3ew |
|
| 17 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 18 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 19 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 20 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 21 |
| vulnerability |
VCID-n2b8-e8fa-2ue1 |
|
| 22 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 23 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 24 |
| vulnerability |
VCID-rarq-tdjt-hff3 |
|
| 25 |
| vulnerability |
VCID-rnub-zmb6-5yhw |
|
| 26 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
| 27 |
| vulnerability |
VCID-xpfd-zdry-euh5 |
|
| 28 |
| vulnerability |
VCID-zcmk-4k97-kkd9 |
|
| 29 |
| vulnerability |
VCID-zjct-yufk-jkdg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.7.16 |
|
| 2 |
| url |
pkg:pypi/ansible@2.8.7 |
| purl |
pkg:pypi/ansible@2.8.7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-4331-d5yy-uybc |
|
| 3 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 4 |
| vulnerability |
VCID-4tfv-snmv-bbax |
|
| 5 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 6 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 7 |
| vulnerability |
VCID-6hdk-ywcn-4qe4 |
|
| 8 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 9 |
| vulnerability |
VCID-7d8z-g99x-7qh2 |
|
| 10 |
| vulnerability |
VCID-95kg-bk3s-g7gx |
|
| 11 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 12 |
| vulnerability |
VCID-aq21-sp74-17gk |
|
| 13 |
| vulnerability |
VCID-b423-t4kx-eqbq |
|
| 14 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 15 |
| vulnerability |
VCID-brft-snn6-guc8 |
|
| 16 |
| vulnerability |
VCID-bvsa-kz7r-zyea |
|
| 17 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 18 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 19 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 20 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 21 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 22 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 23 |
| vulnerability |
VCID-n2b8-e8fa-2ue1 |
|
| 24 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 25 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 26 |
| vulnerability |
VCID-rarq-tdjt-hff3 |
|
| 27 |
| vulnerability |
VCID-rnub-zmb6-5yhw |
|
| 28 |
| vulnerability |
VCID-tfhg-gzz2-7qc5 |
|
| 29 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
| 30 |
| vulnerability |
VCID-xpfd-zdry-euh5 |
|
| 31 |
| vulnerability |
VCID-zjct-yufk-jkdg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.7 |
|
| 3 |
| url |
pkg:pypi/ansible@2.8.8 |
| purl |
pkg:pypi/ansible@2.8.8 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-4331-d5yy-uybc |
|
| 3 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 4 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 5 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 6 |
| vulnerability |
VCID-6hdk-ywcn-4qe4 |
|
| 7 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 8 |
| vulnerability |
VCID-7d8z-g99x-7qh2 |
|
| 9 |
| vulnerability |
VCID-95kg-bk3s-g7gx |
|
| 10 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 11 |
| vulnerability |
VCID-b423-t4kx-eqbq |
|
| 12 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 13 |
| vulnerability |
VCID-brft-snn6-guc8 |
|
| 14 |
| vulnerability |
VCID-bvsa-kz7r-zyea |
|
| 15 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 16 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 17 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 18 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 19 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 20 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 21 |
| vulnerability |
VCID-n2b8-e8fa-2ue1 |
|
| 22 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 23 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 24 |
| vulnerability |
VCID-rarq-tdjt-hff3 |
|
| 25 |
| vulnerability |
VCID-rnub-zmb6-5yhw |
|
| 26 |
| vulnerability |
VCID-tfhg-gzz2-7qc5 |
|
| 27 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
| 28 |
| vulnerability |
VCID-xpfd-zdry-euh5 |
|
| 29 |
| vulnerability |
VCID-zjct-yufk-jkdg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.8 |
|
| 4 |
| url |
pkg:pypi/ansible@2.9.2 |
| purl |
pkg:pypi/ansible@2.9.2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-4331-d5yy-uybc |
|
| 3 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 4 |
| vulnerability |
VCID-4tfv-snmv-bbax |
|
| 5 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 6 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 7 |
| vulnerability |
VCID-6hdk-ywcn-4qe4 |
|
| 8 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 9 |
| vulnerability |
VCID-7d8z-g99x-7qh2 |
|
| 10 |
| vulnerability |
VCID-95kg-bk3s-g7gx |
|
| 11 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 12 |
| vulnerability |
VCID-b423-t4kx-eqbq |
|
| 13 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 14 |
| vulnerability |
VCID-brft-snn6-guc8 |
|
| 15 |
| vulnerability |
VCID-bvsa-kz7r-zyea |
|
| 16 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 17 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 18 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 19 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 20 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 21 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 22 |
| vulnerability |
VCID-n2b8-e8fa-2ue1 |
|
| 23 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 24 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 25 |
| vulnerability |
VCID-rarq-tdjt-hff3 |
|
| 26 |
| vulnerability |
VCID-rnub-zmb6-5yhw |
|
| 27 |
| vulnerability |
VCID-tfhg-gzz2-7qc5 |
|
| 28 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
| 29 |
| vulnerability |
VCID-xpfd-zdry-euh5 |
|
| 30 |
| vulnerability |
VCID-ydka-2etb-hue9 |
|
| 31 |
| vulnerability |
VCID-zjct-yufk-jkdg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.2 |
|
| 5 |
| url |
pkg:pypi/ansible@2.9.3 |
| purl |
pkg:pypi/ansible@2.9.3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-4331-d5yy-uybc |
|
| 3 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 4 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 5 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 6 |
| vulnerability |
VCID-6hdk-ywcn-4qe4 |
|
| 7 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 8 |
| vulnerability |
VCID-7d8z-g99x-7qh2 |
|
| 9 |
| vulnerability |
VCID-95kg-bk3s-g7gx |
|
| 10 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 11 |
| vulnerability |
VCID-b423-t4kx-eqbq |
|
| 12 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 13 |
| vulnerability |
VCID-brft-snn6-guc8 |
|
| 14 |
| vulnerability |
VCID-bvsa-kz7r-zyea |
|
| 15 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 16 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 17 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 18 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 19 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 20 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 21 |
| vulnerability |
VCID-n2b8-e8fa-2ue1 |
|
| 22 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 23 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 24 |
| vulnerability |
VCID-rarq-tdjt-hff3 |
|
| 25 |
| vulnerability |
VCID-rnub-zmb6-5yhw |
|
| 26 |
| vulnerability |
VCID-tfhg-gzz2-7qc5 |
|
| 27 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
| 28 |
| vulnerability |
VCID-xpfd-zdry-euh5 |
|
| 29 |
| vulnerability |
VCID-ydka-2etb-hue9 |
|
| 30 |
| vulnerability |
VCID-zjct-yufk-jkdg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.3 |
|
|
| aliases |
CVE-2019-14904, GHSA-gwr8-5j83-483c, PYSEC-2020-161
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-axds-bd49-fbdj |
|
| 15 |
| url |
VCID-b423-t4kx-eqbq |
| vulnerability_id |
VCID-b423-t4kx-eqbq |
| summary |
A flaw was found in the Ansible Engine when the fetch module is used. An attacker could intercept the module, inject a new path, and then choose a new destination path on the controller node. All versions in 2.7.x, 2.8.x and 2.9.x branches are believed to be vulnerable. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
| reference_url |
https://github.com/advisories/GHSA-gfr2-qpxh-qj9m |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
4.6 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N |
|
| 1 |
| value |
MODERATE |
| scoring_system |
cvssv3.1_qr |
| scoring_elements |
|
|
| 2 |
| value |
4.6 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N |
|
| 3 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/advisories/GHSA-gfr2-qpxh-qj9m |
|
| 23 |
| reference_url |
https://github.com/ansible/ansible |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
4.6 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N |
|
| 1 |
| value |
4.6 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/ansible/ansible |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
|
| 44 |
|
| 45 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/ansible@2.7.17 |
| purl |
pkg:pypi/ansible@2.7.17 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 3 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 4 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 5 |
| vulnerability |
VCID-6hdk-ywcn-4qe4 |
|
| 6 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 7 |
| vulnerability |
VCID-95kg-bk3s-g7gx |
|
| 8 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 9 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 10 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 11 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 12 |
| vulnerability |
VCID-gnq4-v5a7-m3ew |
|
| 13 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 14 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 15 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 16 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 17 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 18 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 19 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
| 20 |
| vulnerability |
VCID-zcmk-4k97-kkd9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.7.17 |
|
| 1 |
| url |
pkg:pypi/ansible@2.7.18 |
| purl |
pkg:pypi/ansible@2.7.18 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 3 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 4 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 5 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 6 |
| vulnerability |
VCID-95kg-bk3s-g7gx |
|
| 7 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 8 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 9 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 10 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 11 |
| vulnerability |
VCID-gnq4-v5a7-m3ew |
|
| 12 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 13 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 14 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 15 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 16 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 17 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 18 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
| 19 |
| vulnerability |
VCID-zcmk-4k97-kkd9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.7.18 |
|
| 2 |
| url |
pkg:pypi/ansible@2.8.0a1 |
| purl |
pkg:pypi/ansible@2.8.0a1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-4331-d5yy-uybc |
|
| 3 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 4 |
| vulnerability |
VCID-4tfv-snmv-bbax |
|
| 5 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 6 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 7 |
| vulnerability |
VCID-6hdk-ywcn-4qe4 |
|
| 8 |
| vulnerability |
VCID-6smx-ju23-8qes |
|
| 9 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 10 |
| vulnerability |
VCID-7d8z-g99x-7qh2 |
|
| 11 |
| vulnerability |
VCID-95kg-bk3s-g7gx |
|
| 12 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 13 |
| vulnerability |
VCID-aq21-sp74-17gk |
|
| 14 |
| vulnerability |
VCID-axds-bd49-fbdj |
|
| 15 |
| vulnerability |
VCID-b423-t4kx-eqbq |
|
| 16 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 17 |
| vulnerability |
VCID-brft-snn6-guc8 |
|
| 18 |
| vulnerability |
VCID-bvsa-kz7r-zyea |
|
| 19 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 20 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 21 |
| vulnerability |
VCID-gnq4-v5a7-m3ew |
|
| 22 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 23 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 24 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 25 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 26 |
| vulnerability |
VCID-mk3k-n9wn-q3ct |
|
| 27 |
| vulnerability |
VCID-n2b8-e8fa-2ue1 |
|
| 28 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 29 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 30 |
| vulnerability |
VCID-rarq-tdjt-hff3 |
|
| 31 |
| vulnerability |
VCID-rnub-zmb6-5yhw |
|
| 32 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
| 33 |
| vulnerability |
VCID-xn7b-vz2e-6qdh |
|
| 34 |
| vulnerability |
VCID-xpfd-zdry-euh5 |
|
| 35 |
| vulnerability |
VCID-zcmk-4k97-kkd9 |
|
| 36 |
| vulnerability |
VCID-zjct-yufk-jkdg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.0a1 |
|
| 3 |
| url |
pkg:pypi/ansible@2.8.9 |
| purl |
pkg:pypi/ansible@2.8.9 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-4331-d5yy-uybc |
|
| 3 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 4 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 5 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 6 |
| vulnerability |
VCID-6hdk-ywcn-4qe4 |
|
| 7 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 8 |
| vulnerability |
VCID-7d8z-g99x-7qh2 |
|
| 9 |
| vulnerability |
VCID-95kg-bk3s-g7gx |
|
| 10 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 11 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 12 |
| vulnerability |
VCID-bvsa-kz7r-zyea |
|
| 13 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 14 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 15 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 16 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 17 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 18 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 19 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 20 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 21 |
| vulnerability |
VCID-tfhg-gzz2-7qc5 |
|
| 22 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
| 23 |
| vulnerability |
VCID-xpfd-zdry-euh5 |
|
| 24 |
| vulnerability |
VCID-zjct-yufk-jkdg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.9 |
|
| 4 |
| url |
pkg:pypi/ansible@2.8.12 |
| purl |
pkg:pypi/ansible@2.8.12 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 3 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 4 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 5 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 6 |
| vulnerability |
VCID-7d8z-g99x-7qh2 |
|
| 7 |
| vulnerability |
VCID-95kg-bk3s-g7gx |
|
| 8 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 9 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 10 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 11 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 12 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 13 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 14 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 15 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 16 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 17 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 18 |
| vulnerability |
VCID-tfhg-gzz2-7qc5 |
|
| 19 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.12 |
|
| 5 |
| url |
pkg:pypi/ansible@2.9.6 |
| purl |
pkg:pypi/ansible@2.9.6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-4331-d5yy-uybc |
|
| 3 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 4 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 5 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 6 |
| vulnerability |
VCID-6hdk-ywcn-4qe4 |
|
| 7 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 8 |
| vulnerability |
VCID-7d8z-g99x-7qh2 |
|
| 9 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 10 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 11 |
| vulnerability |
VCID-bvsa-kz7r-zyea |
|
| 12 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 13 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 14 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 15 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 16 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 17 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 18 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 19 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 20 |
| vulnerability |
VCID-rarq-tdjt-hff3 |
|
| 21 |
| vulnerability |
VCID-tfhg-gzz2-7qc5 |
|
| 22 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
| 23 |
| vulnerability |
VCID-xpfd-zdry-euh5 |
|
| 24 |
| vulnerability |
VCID-ydka-2etb-hue9 |
|
| 25 |
| vulnerability |
VCID-zjct-yufk-jkdg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.6 |
|
| 6 |
| url |
pkg:pypi/ansible@2.9.8 |
| purl |
pkg:pypi/ansible@2.9.8 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 3 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 4 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 5 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 6 |
| vulnerability |
VCID-7d8z-g99x-7qh2 |
|
| 7 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 8 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 9 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 10 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 11 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 12 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 13 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 14 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 15 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 16 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 17 |
| vulnerability |
VCID-tfhg-gzz2-7qc5 |
|
| 18 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.8 |
|
|
| aliases |
CVE-2020-1735, GHSA-gfr2-qpxh-qj9m, PYSEC-2020-7
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-b423-t4kx-eqbq |
|
| 16 |
| url |
VCID-b8cv-v25q-1kh3 |
| vulnerability_id |
VCID-b8cv-v25q-1kh3 |
| summary |
An Improper Output Neutralization for Logs flaw was found in Ansible when using the uri module, where sensitive data is exposed to content and json output. This flaw allows an attacker to access the logs or outputs of performed tasks to read keys used in playbooks from other users within the uri module. The highest threat from this vulnerability is to data confidentiality. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
| reference_url |
https://github.com/advisories/GHSA-785x-qw4v-6872 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
5.5 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
|
| 1 |
| value |
MODERATE |
| scoring_system |
cvssv3.1_qr |
| scoring_elements |
|
|
| 2 |
| value |
6.8 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N |
|
| 3 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/advisories/GHSA-785x-qw4v-6872 |
|
| 23 |
| reference_url |
https://github.com/ansible/ansible |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
5.5 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
|
| 1 |
| value |
6.8 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/ansible/ansible |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/ansible@2.9.12 |
| purl |
pkg:pypi/ansible@2.9.12 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 3 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 4 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 5 |
| vulnerability |
VCID-7d8z-g99x-7qh2 |
|
| 6 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 7 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 8 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 9 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 10 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 11 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 12 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 13 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 14 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 15 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.12 |
|
| 1 |
|
|
| aliases |
CVE-2020-14330, GHSA-785x-qw4v-6872, PYSEC-2020-3
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-b8cv-v25q-1kh3 |
|
| 17 |
| url |
VCID-bmq3-uckn-tfhk |
| vulnerability_id |
VCID-bmq3-uckn-tfhk |
| summary |
Ansible fetch module before versions 2.5.15, 2.6.14, 2.7.8 has a path traversal vulnerability which allows copying and overwriting files outside of the specified destination in the local ansible controller host, by not restricting an absolute path. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
| reference_url |
https://github.com/ansible/ansible |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
4.2 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N |
|
| 1 |
| value |
2.4 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N |
|
| 2 |
| value |
LOW |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/ansible/ansible |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
| reference_url |
https://usn.ubuntu.com/4072-1 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
4.2 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N |
|
| 1 |
| value |
2.4 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N |
|
| 2 |
| value |
LOW |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://usn.ubuntu.com/4072-1 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/ansible@2.5.15 |
| purl |
pkg:pypi/ansible@2.5.15 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-4331-d5yy-uybc |
|
| 3 |
| vulnerability |
VCID-46yu-yqv4-1ugb |
|
| 4 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 5 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 6 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 7 |
| vulnerability |
VCID-6hdk-ywcn-4qe4 |
|
| 8 |
| vulnerability |
VCID-6smx-ju23-8qes |
|
| 9 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 10 |
| vulnerability |
VCID-95kg-bk3s-g7gx |
|
| 11 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 12 |
| vulnerability |
VCID-axds-bd49-fbdj |
|
| 13 |
| vulnerability |
VCID-b423-t4kx-eqbq |
|
| 14 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 15 |
| vulnerability |
VCID-brft-snn6-guc8 |
|
| 16 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 17 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 18 |
| vulnerability |
VCID-gnq4-v5a7-m3ew |
|
| 19 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 20 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 21 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 22 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 23 |
| vulnerability |
VCID-n2b8-e8fa-2ue1 |
|
| 24 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 25 |
| vulnerability |
VCID-p6cz-c9ah-c7cp |
|
| 26 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 27 |
| vulnerability |
VCID-rarq-tdjt-hff3 |
|
| 28 |
| vulnerability |
VCID-rnub-zmb6-5yhw |
|
| 29 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
| 30 |
| vulnerability |
VCID-xk7s-y611-mffc |
|
| 31 |
| vulnerability |
VCID-xn7b-vz2e-6qdh |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.5.15 |
|
| 1 |
| url |
pkg:pypi/ansible@2.6.14 |
| purl |
pkg:pypi/ansible@2.6.14 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-39vn-b7y4-v3ez |
|
| 2 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 3 |
| vulnerability |
VCID-4331-d5yy-uybc |
|
| 4 |
| vulnerability |
VCID-46yu-yqv4-1ugb |
|
| 5 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 6 |
| vulnerability |
VCID-52zf-mjec-f3d5 |
|
| 7 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 8 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 9 |
| vulnerability |
VCID-6hdk-ywcn-4qe4 |
|
| 10 |
| vulnerability |
VCID-6smx-ju23-8qes |
|
| 11 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 12 |
| vulnerability |
VCID-95kg-bk3s-g7gx |
|
| 13 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 14 |
| vulnerability |
VCID-axds-bd49-fbdj |
|
| 15 |
| vulnerability |
VCID-b423-t4kx-eqbq |
|
| 16 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 17 |
| vulnerability |
VCID-brft-snn6-guc8 |
|
| 18 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 19 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 20 |
| vulnerability |
VCID-gnq4-v5a7-m3ew |
|
| 21 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 22 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 23 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 24 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 25 |
| vulnerability |
VCID-n2b8-e8fa-2ue1 |
|
| 26 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 27 |
| vulnerability |
VCID-p6cz-c9ah-c7cp |
|
| 28 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 29 |
| vulnerability |
VCID-rarq-tdjt-hff3 |
|
| 30 |
| vulnerability |
VCID-rnub-zmb6-5yhw |
|
| 31 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
| 32 |
| vulnerability |
VCID-xk7s-y611-mffc |
|
| 33 |
| vulnerability |
VCID-xn7b-vz2e-6qdh |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.6.14 |
|
| 2 |
| url |
pkg:pypi/ansible@2.7.8 |
| purl |
pkg:pypi/ansible@2.7.8 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-39vn-b7y4-v3ez |
|
| 2 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 3 |
| vulnerability |
VCID-4331-d5yy-uybc |
|
| 4 |
| vulnerability |
VCID-46yu-yqv4-1ugb |
|
| 5 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 6 |
| vulnerability |
VCID-4tfv-snmv-bbax |
|
| 7 |
| vulnerability |
VCID-52zf-mjec-f3d5 |
|
| 8 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 9 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 10 |
| vulnerability |
VCID-6hdk-ywcn-4qe4 |
|
| 11 |
| vulnerability |
VCID-6smx-ju23-8qes |
|
| 12 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 13 |
| vulnerability |
VCID-95kg-bk3s-g7gx |
|
| 14 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 15 |
| vulnerability |
VCID-aq21-sp74-17gk |
|
| 16 |
| vulnerability |
VCID-axds-bd49-fbdj |
|
| 17 |
| vulnerability |
VCID-b423-t4kx-eqbq |
|
| 18 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 19 |
| vulnerability |
VCID-brft-snn6-guc8 |
|
| 20 |
| vulnerability |
VCID-bvsa-kz7r-zyea |
|
| 21 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 22 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 23 |
| vulnerability |
VCID-gnq4-v5a7-m3ew |
|
| 24 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 25 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 26 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 27 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 28 |
| vulnerability |
VCID-n2b8-e8fa-2ue1 |
|
| 29 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 30 |
| vulnerability |
VCID-p6cz-c9ah-c7cp |
|
| 31 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 32 |
| vulnerability |
VCID-rarq-tdjt-hff3 |
|
| 33 |
| vulnerability |
VCID-rnub-zmb6-5yhw |
|
| 34 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
| 35 |
| vulnerability |
VCID-vctt-ev3n-zkf8 |
|
| 36 |
| vulnerability |
VCID-xk7s-y611-mffc |
|
| 37 |
| vulnerability |
VCID-xn7b-vz2e-6qdh |
|
| 38 |
| vulnerability |
VCID-xpfd-zdry-euh5 |
|
| 39 |
| vulnerability |
VCID-zcmk-4k97-kkd9 |
|
| 40 |
| vulnerability |
VCID-zjct-yufk-jkdg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.7.8 |
|
|
| aliases |
CVE-2019-3828, GHSA-74vq-h4q8-x6jv, PYSEC-2019-5
|
| risk_score |
1.4 |
| exploitability |
0.5 |
| weighted_severity |
2.7 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-bmq3-uckn-tfhk |
|
| 18 |
| url |
VCID-brft-snn6-guc8 |
| vulnerability_id |
VCID-brft-snn6-guc8 |
| summary |
A flaw was found in Ansible 2.7.17 and prior, 2.8.9 and prior, and 2.9.6 and prior when using the Extract-Zip function from the win_unzip module as the extracted file(s) are not checked if they belong to the destination folder. An attacker could take advantage of this flaw by crafting an archive anywhere in the file system, using a path traversal. This issue is fixed in 2.10. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
| reference_url |
https://github.com/samdoran/ansible |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
7.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
|
| 1 |
| value |
8.5 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N |
|
| 2 |
| value |
HIGH |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/samdoran/ansible |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/ansible@2.7.17 |
| purl |
pkg:pypi/ansible@2.7.17 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 3 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 4 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 5 |
| vulnerability |
VCID-6hdk-ywcn-4qe4 |
|
| 6 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 7 |
| vulnerability |
VCID-95kg-bk3s-g7gx |
|
| 8 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 9 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 10 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 11 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 12 |
| vulnerability |
VCID-gnq4-v5a7-m3ew |
|
| 13 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 14 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 15 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 16 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 17 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 18 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 19 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
| 20 |
| vulnerability |
VCID-zcmk-4k97-kkd9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.7.17 |
|
| 1 |
| url |
pkg:pypi/ansible@2.8.0a1 |
| purl |
pkg:pypi/ansible@2.8.0a1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-4331-d5yy-uybc |
|
| 3 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 4 |
| vulnerability |
VCID-4tfv-snmv-bbax |
|
| 5 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 6 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 7 |
| vulnerability |
VCID-6hdk-ywcn-4qe4 |
|
| 8 |
| vulnerability |
VCID-6smx-ju23-8qes |
|
| 9 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 10 |
| vulnerability |
VCID-7d8z-g99x-7qh2 |
|
| 11 |
| vulnerability |
VCID-95kg-bk3s-g7gx |
|
| 12 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 13 |
| vulnerability |
VCID-aq21-sp74-17gk |
|
| 14 |
| vulnerability |
VCID-axds-bd49-fbdj |
|
| 15 |
| vulnerability |
VCID-b423-t4kx-eqbq |
|
| 16 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 17 |
| vulnerability |
VCID-brft-snn6-guc8 |
|
| 18 |
| vulnerability |
VCID-bvsa-kz7r-zyea |
|
| 19 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 20 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 21 |
| vulnerability |
VCID-gnq4-v5a7-m3ew |
|
| 22 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 23 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 24 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 25 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 26 |
| vulnerability |
VCID-mk3k-n9wn-q3ct |
|
| 27 |
| vulnerability |
VCID-n2b8-e8fa-2ue1 |
|
| 28 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 29 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 30 |
| vulnerability |
VCID-rarq-tdjt-hff3 |
|
| 31 |
| vulnerability |
VCID-rnub-zmb6-5yhw |
|
| 32 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
| 33 |
| vulnerability |
VCID-xn7b-vz2e-6qdh |
|
| 34 |
| vulnerability |
VCID-xpfd-zdry-euh5 |
|
| 35 |
| vulnerability |
VCID-zcmk-4k97-kkd9 |
|
| 36 |
| vulnerability |
VCID-zjct-yufk-jkdg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.0a1 |
|
| 2 |
| url |
pkg:pypi/ansible@2.8.9 |
| purl |
pkg:pypi/ansible@2.8.9 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-4331-d5yy-uybc |
|
| 3 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 4 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 5 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 6 |
| vulnerability |
VCID-6hdk-ywcn-4qe4 |
|
| 7 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 8 |
| vulnerability |
VCID-7d8z-g99x-7qh2 |
|
| 9 |
| vulnerability |
VCID-95kg-bk3s-g7gx |
|
| 10 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 11 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 12 |
| vulnerability |
VCID-bvsa-kz7r-zyea |
|
| 13 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 14 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 15 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 16 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 17 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 18 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 19 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 20 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 21 |
| vulnerability |
VCID-tfhg-gzz2-7qc5 |
|
| 22 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
| 23 |
| vulnerability |
VCID-xpfd-zdry-euh5 |
|
| 24 |
| vulnerability |
VCID-zjct-yufk-jkdg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.9 |
|
| 3 |
| url |
pkg:pypi/ansible@2.9.6 |
| purl |
pkg:pypi/ansible@2.9.6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-4331-d5yy-uybc |
|
| 3 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 4 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 5 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 6 |
| vulnerability |
VCID-6hdk-ywcn-4qe4 |
|
| 7 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 8 |
| vulnerability |
VCID-7d8z-g99x-7qh2 |
|
| 9 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 10 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 11 |
| vulnerability |
VCID-bvsa-kz7r-zyea |
|
| 12 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 13 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 14 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 15 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 16 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 17 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 18 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 19 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 20 |
| vulnerability |
VCID-rarq-tdjt-hff3 |
|
| 21 |
| vulnerability |
VCID-tfhg-gzz2-7qc5 |
|
| 22 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
| 23 |
| vulnerability |
VCID-xpfd-zdry-euh5 |
|
| 24 |
| vulnerability |
VCID-ydka-2etb-hue9 |
|
| 25 |
| vulnerability |
VCID-zjct-yufk-jkdg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.6 |
|
|
| aliases |
CVE-2020-1737, GHSA-893h-35v4-mxqx, PYSEC-2020-9
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-brft-snn6-guc8 |
|
| 19 |
| url |
VCID-d8by-xxm3-xkhb |
| vulnerability_id |
VCID-d8by-xxm3-xkhb |
| summary |
Ansible Community General Collection is vulnerable to exposure of sensitive information
A flaw was found in ansible-collection-community-general. This vulnerability allows for information exposure (IE) of sensitive credentials, specifically plaintext passwords, via verbose output when running Ansible with debug modes. Attackers with access to logs could retrieve these secrets and potentially compromise Keycloak accounts or administrative access. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
|
| fixed_packages |
|
| aliases |
CVE-2025-14010, GHSA-8ggh-xwr9-3373
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-d8by-xxm3-xkhb |
|
| 20 |
|
| 21 |
| url |
VCID-gnq4-v5a7-m3ew |
| vulnerability_id |
VCID-gnq4-v5a7-m3ew |
| summary |
A vulnerability was found in Ansible engine 2.x up to 2.8 and Ansible tower 3.x up to 3.5. When a module has an argument_spec with sub parameters marked as no_log, passing an invalid parameter name to the module will cause the task to fail before the no_log options in the sub parameters are processed. As a result, data in the sub parameter fields will not be masked and will be displayed if Ansible is run with increased verbosity and present in the module invocation arguments for the task. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
| reference_url |
https://github.com/ansible/ansible |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
5.5 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
|
| 1 |
| value |
6.8 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/ansible/ansible |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/ansible@2.6.20 |
| purl |
pkg:pypi/ansible@2.6.20 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-4331-d5yy-uybc |
|
| 3 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 4 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 5 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 6 |
| vulnerability |
VCID-6hdk-ywcn-4qe4 |
|
| 7 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 8 |
| vulnerability |
VCID-95kg-bk3s-g7gx |
|
| 9 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 10 |
| vulnerability |
VCID-axds-bd49-fbdj |
|
| 11 |
| vulnerability |
VCID-b423-t4kx-eqbq |
|
| 12 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 13 |
| vulnerability |
VCID-brft-snn6-guc8 |
|
| 14 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 15 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 16 |
| vulnerability |
VCID-gnq4-v5a7-m3ew |
|
| 17 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 18 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 19 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 20 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 21 |
| vulnerability |
VCID-n2b8-e8fa-2ue1 |
|
| 22 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 23 |
| vulnerability |
VCID-p6cz-c9ah-c7cp |
|
| 24 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 25 |
| vulnerability |
VCID-rarq-tdjt-hff3 |
|
| 26 |
| vulnerability |
VCID-rnub-zmb6-5yhw |
|
| 27 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.6.20 |
|
| 1 |
| url |
pkg:pypi/ansible@2.7.14 |
| purl |
pkg:pypi/ansible@2.7.14 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-4331-d5yy-uybc |
|
| 3 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 4 |
| vulnerability |
VCID-4tfv-snmv-bbax |
|
| 5 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 6 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 7 |
| vulnerability |
VCID-6hdk-ywcn-4qe4 |
|
| 8 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 9 |
| vulnerability |
VCID-95kg-bk3s-g7gx |
|
| 10 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 11 |
| vulnerability |
VCID-aq21-sp74-17gk |
|
| 12 |
| vulnerability |
VCID-axds-bd49-fbdj |
|
| 13 |
| vulnerability |
VCID-b423-t4kx-eqbq |
|
| 14 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 15 |
| vulnerability |
VCID-brft-snn6-guc8 |
|
| 16 |
| vulnerability |
VCID-bvsa-kz7r-zyea |
|
| 17 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 18 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 19 |
| vulnerability |
VCID-gnq4-v5a7-m3ew |
|
| 20 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 21 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 22 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 23 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 24 |
| vulnerability |
VCID-n2b8-e8fa-2ue1 |
|
| 25 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 26 |
| vulnerability |
VCID-p6cz-c9ah-c7cp |
|
| 27 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 28 |
| vulnerability |
VCID-rarq-tdjt-hff3 |
|
| 29 |
| vulnerability |
VCID-rnub-zmb6-5yhw |
|
| 30 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
| 31 |
| vulnerability |
VCID-vctt-ev3n-zkf8 |
|
| 32 |
| vulnerability |
VCID-xpfd-zdry-euh5 |
|
| 33 |
| vulnerability |
VCID-zcmk-4k97-kkd9 |
|
| 34 |
| vulnerability |
VCID-zjct-yufk-jkdg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.7.14 |
|
| 2 |
| url |
pkg:pypi/ansible@2.8.1 |
| purl |
pkg:pypi/ansible@2.8.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-39vn-b7y4-v3ez |
|
| 2 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 3 |
| vulnerability |
VCID-4331-d5yy-uybc |
|
| 4 |
| vulnerability |
VCID-46yu-yqv4-1ugb |
|
| 5 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 6 |
| vulnerability |
VCID-4tfv-snmv-bbax |
|
| 7 |
| vulnerability |
VCID-52zf-mjec-f3d5 |
|
| 8 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 9 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 10 |
| vulnerability |
VCID-6hdk-ywcn-4qe4 |
|
| 11 |
| vulnerability |
VCID-6smx-ju23-8qes |
|
| 12 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 13 |
| vulnerability |
VCID-7d8z-g99x-7qh2 |
|
| 14 |
| vulnerability |
VCID-95kg-bk3s-g7gx |
|
| 15 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 16 |
| vulnerability |
VCID-aq21-sp74-17gk |
|
| 17 |
| vulnerability |
VCID-axds-bd49-fbdj |
|
| 18 |
| vulnerability |
VCID-b423-t4kx-eqbq |
|
| 19 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 20 |
| vulnerability |
VCID-brft-snn6-guc8 |
|
| 21 |
| vulnerability |
VCID-bvsa-kz7r-zyea |
|
| 22 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 23 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 24 |
| vulnerability |
VCID-gnq4-v5a7-m3ew |
|
| 25 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 26 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 27 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 28 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 29 |
| vulnerability |
VCID-mk3k-n9wn-q3ct |
|
| 30 |
| vulnerability |
VCID-n2b8-e8fa-2ue1 |
|
| 31 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 32 |
| vulnerability |
VCID-p6cz-c9ah-c7cp |
|
| 33 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 34 |
| vulnerability |
VCID-rarq-tdjt-hff3 |
|
| 35 |
| vulnerability |
VCID-rnub-zmb6-5yhw |
|
| 36 |
| vulnerability |
VCID-sdv2-h8d8-9ydj |
|
| 37 |
| vulnerability |
VCID-tfhg-gzz2-7qc5 |
|
| 38 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
| 39 |
| vulnerability |
VCID-vctt-ev3n-zkf8 |
|
| 40 |
| vulnerability |
VCID-xk7s-y611-mffc |
|
| 41 |
| vulnerability |
VCID-xn7b-vz2e-6qdh |
|
| 42 |
| vulnerability |
VCID-xpfd-zdry-euh5 |
|
| 43 |
| vulnerability |
VCID-zjct-yufk-jkdg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.1 |
|
| 3 |
| url |
pkg:pypi/ansible@2.8.6 |
| purl |
pkg:pypi/ansible@2.8.6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-4331-d5yy-uybc |
|
| 3 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 4 |
| vulnerability |
VCID-4tfv-snmv-bbax |
|
| 5 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 6 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 7 |
| vulnerability |
VCID-6hdk-ywcn-4qe4 |
|
| 8 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 9 |
| vulnerability |
VCID-7d8z-g99x-7qh2 |
|
| 10 |
| vulnerability |
VCID-95kg-bk3s-g7gx |
|
| 11 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 12 |
| vulnerability |
VCID-aq21-sp74-17gk |
|
| 13 |
| vulnerability |
VCID-axds-bd49-fbdj |
|
| 14 |
| vulnerability |
VCID-b423-t4kx-eqbq |
|
| 15 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 16 |
| vulnerability |
VCID-brft-snn6-guc8 |
|
| 17 |
| vulnerability |
VCID-bvsa-kz7r-zyea |
|
| 18 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 19 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 20 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 21 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 22 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 23 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 24 |
| vulnerability |
VCID-n2b8-e8fa-2ue1 |
|
| 25 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 26 |
| vulnerability |
VCID-p6cz-c9ah-c7cp |
|
| 27 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 28 |
| vulnerability |
VCID-rarq-tdjt-hff3 |
|
| 29 |
| vulnerability |
VCID-rnub-zmb6-5yhw |
|
| 30 |
| vulnerability |
VCID-tfhg-gzz2-7qc5 |
|
| 31 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
| 32 |
| vulnerability |
VCID-vctt-ev3n-zkf8 |
|
| 33 |
| vulnerability |
VCID-xpfd-zdry-euh5 |
|
| 34 |
| vulnerability |
VCID-zjct-yufk-jkdg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.6 |
|
| 4 |
| url |
pkg:pypi/ansible@2.9.0rc4 |
| purl |
pkg:pypi/ansible@2.9.0rc4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-4331-d5yy-uybc |
|
| 3 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 4 |
| vulnerability |
VCID-4tfv-snmv-bbax |
|
| 5 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 6 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 7 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 8 |
| vulnerability |
VCID-7d8z-g99x-7qh2 |
|
| 9 |
| vulnerability |
VCID-95kg-bk3s-g7gx |
|
| 10 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 11 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 12 |
| vulnerability |
VCID-bvsa-kz7r-zyea |
|
| 13 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 14 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 15 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 16 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 17 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 18 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 19 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 20 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 21 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
| 22 |
| vulnerability |
VCID-zjct-yufk-jkdg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.0rc4 |
|
|
| aliases |
CVE-2019-14858, GHSA-h653-95qw-h2mp, PYSEC-2019-171
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-gnq4-v5a7-m3ew |
|
| 22 |
| url |
VCID-hyr1-b223-bkef |
| vulnerability_id |
VCID-hyr1-b223-bkef |
| summary |
A flaw was found in Ansible Engine when a file is moved using atomic_move primitive as the file mode cannot be specified. This sets the destination files world-readable if the destination file does not exist and if the file exists, the file could be changed to have less restrictive permissions before the move. This could lead to the disclosure of sensitive data. All versions in 2.7.x, 2.8.x and 2.9.x branches are believed to be vulnerable. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
| reference_url |
https://github.com/advisories/GHSA-x7jh-595q-wq82 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
3.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N |
|
| 1 |
| value |
MODERATE |
| scoring_system |
cvssv3.1_qr |
| scoring_elements |
|
|
| 2 |
| value |
4.8 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N |
|
| 3 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/advisories/GHSA-x7jh-595q-wq82 |
|
| 5 |
| reference_url |
https://github.com/ansible/ansible |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
3.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N |
|
| 1 |
| value |
4.8 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/ansible/ansible |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/ansible@2.7.17 |
| purl |
pkg:pypi/ansible@2.7.17 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 3 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 4 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 5 |
| vulnerability |
VCID-6hdk-ywcn-4qe4 |
|
| 6 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 7 |
| vulnerability |
VCID-95kg-bk3s-g7gx |
|
| 8 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 9 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 10 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 11 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 12 |
| vulnerability |
VCID-gnq4-v5a7-m3ew |
|
| 13 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 14 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 15 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 16 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 17 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 18 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 19 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
| 20 |
| vulnerability |
VCID-zcmk-4k97-kkd9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.7.17 |
|
| 1 |
| url |
pkg:pypi/ansible@2.8.9 |
| purl |
pkg:pypi/ansible@2.8.9 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-4331-d5yy-uybc |
|
| 3 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 4 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 5 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 6 |
| vulnerability |
VCID-6hdk-ywcn-4qe4 |
|
| 7 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 8 |
| vulnerability |
VCID-7d8z-g99x-7qh2 |
|
| 9 |
| vulnerability |
VCID-95kg-bk3s-g7gx |
|
| 10 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 11 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 12 |
| vulnerability |
VCID-bvsa-kz7r-zyea |
|
| 13 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 14 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 15 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 16 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 17 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 18 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 19 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 20 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 21 |
| vulnerability |
VCID-tfhg-gzz2-7qc5 |
|
| 22 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
| 23 |
| vulnerability |
VCID-xpfd-zdry-euh5 |
|
| 24 |
| vulnerability |
VCID-zjct-yufk-jkdg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.9 |
|
| 2 |
| url |
pkg:pypi/ansible@2.9.6 |
| purl |
pkg:pypi/ansible@2.9.6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-4331-d5yy-uybc |
|
| 3 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 4 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 5 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 6 |
| vulnerability |
VCID-6hdk-ywcn-4qe4 |
|
| 7 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 8 |
| vulnerability |
VCID-7d8z-g99x-7qh2 |
|
| 9 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 10 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 11 |
| vulnerability |
VCID-bvsa-kz7r-zyea |
|
| 12 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 13 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 14 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 15 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 16 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 17 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 18 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 19 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 20 |
| vulnerability |
VCID-rarq-tdjt-hff3 |
|
| 21 |
| vulnerability |
VCID-tfhg-gzz2-7qc5 |
|
| 22 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
| 23 |
| vulnerability |
VCID-xpfd-zdry-euh5 |
|
| 24 |
| vulnerability |
VCID-ydka-2etb-hue9 |
|
| 25 |
| vulnerability |
VCID-zjct-yufk-jkdg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.6 |
|
| 3 |
|
|
| aliases |
CVE-2020-1736, GHSA-x7jh-595q-wq82, PYSEC-2020-8
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-hyr1-b223-bkef |
|
| 23 |
|
| 24 |
|
| 25 |
| url |
VCID-m87b-eb5y-8ydf |
| vulnerability_id |
VCID-m87b-eb5y-8ydf |
| summary |
A flaw was found in Ansible Base when using the aws_ssm connection plugin as garbage collector is not happening after playbook run is completed. Files would remain in the bucket exposing the data. This issue affects directly data confidentiality. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2020-25635, GHSA-f556-49jc-4rvc, PYSEC-2020-220
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-m87b-eb5y-8ydf |
|
| 26 |
| url |
VCID-n2b8-e8fa-2ue1 |
| vulnerability_id |
VCID-n2b8-e8fa-2ue1 |
| summary |
A flaw was found in Ansible Engine when using Ansible Vault for editing encrypted files. When a user executes "ansible-vault edit", another user on the same computer can read the old and new secret, as it is created in a temporary file with mkstemp and the returned file descriptor is closed and the method write_data is called to write the existing secret in the file. This method will delete the file before recreating it insecurely. All versions in 2.7.x, 2.8.x and 2.9.x branches are believed to be vulnerable. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
| reference_url |
https://github.com/advisories/GHSA-vcg8-98q8-g7mj |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
4.7 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N |
|
| 1 |
| value |
MODERATE |
| scoring_system |
cvssv3.1_qr |
| scoring_elements |
|
|
| 2 |
| value |
5.7 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N |
|
| 3 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/advisories/GHSA-vcg8-98q8-g7mj |
|
| 23 |
| reference_url |
https://github.com/ansible/ansible |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
4.7 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N |
|
| 1 |
| value |
5.7 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/ansible/ansible |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/ansible@2.7.17 |
| purl |
pkg:pypi/ansible@2.7.17 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 3 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 4 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 5 |
| vulnerability |
VCID-6hdk-ywcn-4qe4 |
|
| 6 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 7 |
| vulnerability |
VCID-95kg-bk3s-g7gx |
|
| 8 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 9 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 10 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 11 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 12 |
| vulnerability |
VCID-gnq4-v5a7-m3ew |
|
| 13 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 14 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 15 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 16 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 17 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 18 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 19 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
| 20 |
| vulnerability |
VCID-zcmk-4k97-kkd9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.7.17 |
|
| 1 |
| url |
pkg:pypi/ansible@2.8.0a1 |
| purl |
pkg:pypi/ansible@2.8.0a1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-4331-d5yy-uybc |
|
| 3 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 4 |
| vulnerability |
VCID-4tfv-snmv-bbax |
|
| 5 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 6 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 7 |
| vulnerability |
VCID-6hdk-ywcn-4qe4 |
|
| 8 |
| vulnerability |
VCID-6smx-ju23-8qes |
|
| 9 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 10 |
| vulnerability |
VCID-7d8z-g99x-7qh2 |
|
| 11 |
| vulnerability |
VCID-95kg-bk3s-g7gx |
|
| 12 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 13 |
| vulnerability |
VCID-aq21-sp74-17gk |
|
| 14 |
| vulnerability |
VCID-axds-bd49-fbdj |
|
| 15 |
| vulnerability |
VCID-b423-t4kx-eqbq |
|
| 16 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 17 |
| vulnerability |
VCID-brft-snn6-guc8 |
|
| 18 |
| vulnerability |
VCID-bvsa-kz7r-zyea |
|
| 19 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 20 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 21 |
| vulnerability |
VCID-gnq4-v5a7-m3ew |
|
| 22 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 23 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 24 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 25 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 26 |
| vulnerability |
VCID-mk3k-n9wn-q3ct |
|
| 27 |
| vulnerability |
VCID-n2b8-e8fa-2ue1 |
|
| 28 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 29 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 30 |
| vulnerability |
VCID-rarq-tdjt-hff3 |
|
| 31 |
| vulnerability |
VCID-rnub-zmb6-5yhw |
|
| 32 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
| 33 |
| vulnerability |
VCID-xn7b-vz2e-6qdh |
|
| 34 |
| vulnerability |
VCID-xpfd-zdry-euh5 |
|
| 35 |
| vulnerability |
VCID-zcmk-4k97-kkd9 |
|
| 36 |
| vulnerability |
VCID-zjct-yufk-jkdg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.0a1 |
|
| 2 |
| url |
pkg:pypi/ansible@2.8.9 |
| purl |
pkg:pypi/ansible@2.8.9 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-4331-d5yy-uybc |
|
| 3 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 4 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 5 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 6 |
| vulnerability |
VCID-6hdk-ywcn-4qe4 |
|
| 7 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 8 |
| vulnerability |
VCID-7d8z-g99x-7qh2 |
|
| 9 |
| vulnerability |
VCID-95kg-bk3s-g7gx |
|
| 10 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 11 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 12 |
| vulnerability |
VCID-bvsa-kz7r-zyea |
|
| 13 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 14 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 15 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 16 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 17 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 18 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 19 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 20 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 21 |
| vulnerability |
VCID-tfhg-gzz2-7qc5 |
|
| 22 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
| 23 |
| vulnerability |
VCID-xpfd-zdry-euh5 |
|
| 24 |
| vulnerability |
VCID-zjct-yufk-jkdg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.9 |
|
| 3 |
| url |
pkg:pypi/ansible@2.8.11 |
| purl |
pkg:pypi/ansible@2.8.11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 3 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 4 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 5 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 6 |
| vulnerability |
VCID-7d8z-g99x-7qh2 |
|
| 7 |
| vulnerability |
VCID-95kg-bk3s-g7gx |
|
| 8 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 9 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 10 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 11 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 12 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 13 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 14 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 15 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 16 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 17 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 18 |
| vulnerability |
VCID-tfhg-gzz2-7qc5 |
|
| 19 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.11 |
|
| 4 |
| url |
pkg:pypi/ansible@2.9.6 |
| purl |
pkg:pypi/ansible@2.9.6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-4331-d5yy-uybc |
|
| 3 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 4 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 5 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 6 |
| vulnerability |
VCID-6hdk-ywcn-4qe4 |
|
| 7 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 8 |
| vulnerability |
VCID-7d8z-g99x-7qh2 |
|
| 9 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 10 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 11 |
| vulnerability |
VCID-bvsa-kz7r-zyea |
|
| 12 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 13 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 14 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 15 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 16 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 17 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 18 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 19 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 20 |
| vulnerability |
VCID-rarq-tdjt-hff3 |
|
| 21 |
| vulnerability |
VCID-tfhg-gzz2-7qc5 |
|
| 22 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
| 23 |
| vulnerability |
VCID-xpfd-zdry-euh5 |
|
| 24 |
| vulnerability |
VCID-ydka-2etb-hue9 |
|
| 25 |
| vulnerability |
VCID-zjct-yufk-jkdg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.6 |
|
| 5 |
| url |
pkg:pypi/ansible@2.9.7 |
| purl |
pkg:pypi/ansible@2.9.7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 3 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 4 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 5 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 6 |
| vulnerability |
VCID-7d8z-g99x-7qh2 |
|
| 7 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 8 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 9 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 10 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 11 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 12 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 13 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 14 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 15 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 16 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 17 |
| vulnerability |
VCID-tfhg-gzz2-7qc5 |
|
| 18 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.7 |
|
|
| aliases |
CVE-2020-1740, GHSA-vcg8-98q8-g7mj, PYSEC-2020-12
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-n2b8-e8fa-2ue1 |
|
| 27 |
| url |
VCID-nx86-xnct-afbs |
| vulnerability_id |
VCID-nx86-xnct-afbs |
| summary |
An incomplete fix was found for the fix of the flaw CVE-2020-1733 ansible: insecure temporary directory when running become_user from become directive. The provided fix is insufficient to prevent the race condition on systems using ACLs and FUSE filesystems. Ansible Engine 2.7.18, 2.8.12, and 2.9.9 as well as previous versions are affected and Ansible Tower 3.4.5, 3.5.6 and 3.6.4 as well as previous versions are affected. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
| reference_url |
https://github.com/ansible/ansible |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
5.0 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L |
|
| 1 |
| value |
2.0 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L |
|
| 2 |
| value |
LOW |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/ansible/ansible |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/ansible@2.8.0a1 |
| purl |
pkg:pypi/ansible@2.8.0a1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-4331-d5yy-uybc |
|
| 3 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 4 |
| vulnerability |
VCID-4tfv-snmv-bbax |
|
| 5 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 6 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 7 |
| vulnerability |
VCID-6hdk-ywcn-4qe4 |
|
| 8 |
| vulnerability |
VCID-6smx-ju23-8qes |
|
| 9 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 10 |
| vulnerability |
VCID-7d8z-g99x-7qh2 |
|
| 11 |
| vulnerability |
VCID-95kg-bk3s-g7gx |
|
| 12 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 13 |
| vulnerability |
VCID-aq21-sp74-17gk |
|
| 14 |
| vulnerability |
VCID-axds-bd49-fbdj |
|
| 15 |
| vulnerability |
VCID-b423-t4kx-eqbq |
|
| 16 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 17 |
| vulnerability |
VCID-brft-snn6-guc8 |
|
| 18 |
| vulnerability |
VCID-bvsa-kz7r-zyea |
|
| 19 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 20 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 21 |
| vulnerability |
VCID-gnq4-v5a7-m3ew |
|
| 22 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 23 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 24 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 25 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 26 |
| vulnerability |
VCID-mk3k-n9wn-q3ct |
|
| 27 |
| vulnerability |
VCID-n2b8-e8fa-2ue1 |
|
| 28 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 29 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 30 |
| vulnerability |
VCID-rarq-tdjt-hff3 |
|
| 31 |
| vulnerability |
VCID-rnub-zmb6-5yhw |
|
| 32 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
| 33 |
| vulnerability |
VCID-xn7b-vz2e-6qdh |
|
| 34 |
| vulnerability |
VCID-xpfd-zdry-euh5 |
|
| 35 |
| vulnerability |
VCID-zcmk-4k97-kkd9 |
|
| 36 |
| vulnerability |
VCID-zjct-yufk-jkdg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.0a1 |
|
| 1 |
| url |
pkg:pypi/ansible@2.8.13 |
| purl |
pkg:pypi/ansible@2.8.13 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 3 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 4 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 5 |
| vulnerability |
VCID-7d8z-g99x-7qh2 |
|
| 6 |
| vulnerability |
VCID-95kg-bk3s-g7gx |
|
| 7 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 8 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 9 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 10 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 11 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 12 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 13 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 14 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 15 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 16 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 17 |
| vulnerability |
VCID-tfhg-gzz2-7qc5 |
|
| 18 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.13 |
|
| 2 |
| url |
pkg:pypi/ansible@2.9.10 |
| purl |
pkg:pypi/ansible@2.9.10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 3 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 4 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 5 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 6 |
| vulnerability |
VCID-7d8z-g99x-7qh2 |
|
| 7 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 8 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 9 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 10 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 11 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 12 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 13 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 14 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 15 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 16 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 17 |
| vulnerability |
VCID-tfhg-gzz2-7qc5 |
|
| 18 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.10 |
|
| 3 |
| url |
pkg:pypi/ansible@2.9.12 |
| purl |
pkg:pypi/ansible@2.9.12 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 3 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 4 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 5 |
| vulnerability |
VCID-7d8z-g99x-7qh2 |
|
| 6 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 7 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 8 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 9 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 10 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 11 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 12 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 13 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 14 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 15 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.12 |
|
| 4 |
|
|
| aliases |
CVE-2020-10744, GHSA-vp9j-rghq-8jhh, PYSEC-2020-208
|
| risk_score |
1.4 |
| exploitability |
0.5 |
| weighted_severity |
2.7 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-nx86-xnct-afbs |
|
| 28 |
| url |
VCID-p6cz-c9ah-c7cp |
| vulnerability_id |
VCID-p6cz-c9ah-c7cp |
| summary |
A flaw was found in the solaris_zone module from the Ansible Community modules. When setting the name for the zone on the Solaris host, the zone name is checked by listing the process with the 'ps' bare command on the remote machine. An attacker could take advantage of this flaw by crafting the name of the zone and executing arbitrary commands in the remote host. Ansible Engine 2.7.15, 2.8.7, and 2.9.2 as well as previous versions are affected. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/ansible@2.7.15 |
| purl |
pkg:pypi/ansible@2.7.15 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-4331-d5yy-uybc |
|
| 3 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 4 |
| vulnerability |
VCID-4tfv-snmv-bbax |
|
| 5 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 6 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 7 |
| vulnerability |
VCID-6hdk-ywcn-4qe4 |
|
| 8 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 9 |
| vulnerability |
VCID-95kg-bk3s-g7gx |
|
| 10 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 11 |
| vulnerability |
VCID-aq21-sp74-17gk |
|
| 12 |
| vulnerability |
VCID-b423-t4kx-eqbq |
|
| 13 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 14 |
| vulnerability |
VCID-brft-snn6-guc8 |
|
| 15 |
| vulnerability |
VCID-bvsa-kz7r-zyea |
|
| 16 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 17 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 18 |
| vulnerability |
VCID-gnq4-v5a7-m3ew |
|
| 19 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 20 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 21 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 22 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 23 |
| vulnerability |
VCID-n2b8-e8fa-2ue1 |
|
| 24 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 25 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 26 |
| vulnerability |
VCID-rarq-tdjt-hff3 |
|
| 27 |
| vulnerability |
VCID-rnub-zmb6-5yhw |
|
| 28 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
| 29 |
| vulnerability |
VCID-xpfd-zdry-euh5 |
|
| 30 |
| vulnerability |
VCID-zcmk-4k97-kkd9 |
|
| 31 |
| vulnerability |
VCID-zjct-yufk-jkdg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.7.15 |
|
| 1 |
| url |
pkg:pypi/ansible@2.8.7 |
| purl |
pkg:pypi/ansible@2.8.7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-4331-d5yy-uybc |
|
| 3 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 4 |
| vulnerability |
VCID-4tfv-snmv-bbax |
|
| 5 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 6 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 7 |
| vulnerability |
VCID-6hdk-ywcn-4qe4 |
|
| 8 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 9 |
| vulnerability |
VCID-7d8z-g99x-7qh2 |
|
| 10 |
| vulnerability |
VCID-95kg-bk3s-g7gx |
|
| 11 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 12 |
| vulnerability |
VCID-aq21-sp74-17gk |
|
| 13 |
| vulnerability |
VCID-b423-t4kx-eqbq |
|
| 14 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 15 |
| vulnerability |
VCID-brft-snn6-guc8 |
|
| 16 |
| vulnerability |
VCID-bvsa-kz7r-zyea |
|
| 17 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 18 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 19 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 20 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 21 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 22 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 23 |
| vulnerability |
VCID-n2b8-e8fa-2ue1 |
|
| 24 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 25 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 26 |
| vulnerability |
VCID-rarq-tdjt-hff3 |
|
| 27 |
| vulnerability |
VCID-rnub-zmb6-5yhw |
|
| 28 |
| vulnerability |
VCID-tfhg-gzz2-7qc5 |
|
| 29 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
| 30 |
| vulnerability |
VCID-xpfd-zdry-euh5 |
|
| 31 |
| vulnerability |
VCID-zjct-yufk-jkdg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.7 |
|
| 2 |
| url |
pkg:pypi/ansible@2.9.2 |
| purl |
pkg:pypi/ansible@2.9.2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-4331-d5yy-uybc |
|
| 3 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 4 |
| vulnerability |
VCID-4tfv-snmv-bbax |
|
| 5 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 6 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 7 |
| vulnerability |
VCID-6hdk-ywcn-4qe4 |
|
| 8 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 9 |
| vulnerability |
VCID-7d8z-g99x-7qh2 |
|
| 10 |
| vulnerability |
VCID-95kg-bk3s-g7gx |
|
| 11 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 12 |
| vulnerability |
VCID-b423-t4kx-eqbq |
|
| 13 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 14 |
| vulnerability |
VCID-brft-snn6-guc8 |
|
| 15 |
| vulnerability |
VCID-bvsa-kz7r-zyea |
|
| 16 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 17 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 18 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 19 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 20 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 21 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 22 |
| vulnerability |
VCID-n2b8-e8fa-2ue1 |
|
| 23 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 24 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 25 |
| vulnerability |
VCID-rarq-tdjt-hff3 |
|
| 26 |
| vulnerability |
VCID-rnub-zmb6-5yhw |
|
| 27 |
| vulnerability |
VCID-tfhg-gzz2-7qc5 |
|
| 28 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
| 29 |
| vulnerability |
VCID-xpfd-zdry-euh5 |
|
| 30 |
| vulnerability |
VCID-ydka-2etb-hue9 |
|
| 31 |
| vulnerability |
VCID-zjct-yufk-jkdg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.2 |
|
|
| aliases |
PYSEC-2020-180
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-p6cz-c9ah-c7cp |
|
| 29 |
| url |
VCID-qbws-64b9-83fc |
| vulnerability_id |
VCID-qbws-64b9-83fc |
| summary |
In ansible it was found that inventory variables are loaded from current working directory when running ad-hoc command which are under attacker's control, allowing to run arbitrary code as a result. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
| reference_url |
https://github.com/ansible/ansible |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
7.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
|
| 1 |
| value |
8.5 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N |
|
| 2 |
| value |
HIGH |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/ansible/ansible |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
| reference_url |
https://usn.ubuntu.com/4072-1 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
7.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
|
| 1 |
| value |
8.5 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N |
|
| 2 |
| value |
HIGH |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://usn.ubuntu.com/4072-1 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/ansible@2.4.6.0 |
| purl |
pkg:pypi/ansible@2.4.6.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-4331-d5yy-uybc |
|
| 3 |
| vulnerability |
VCID-46yu-yqv4-1ugb |
|
| 4 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 5 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 6 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 7 |
| vulnerability |
VCID-6hdk-ywcn-4qe4 |
|
| 8 |
| vulnerability |
VCID-6smx-ju23-8qes |
|
| 9 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 10 |
| vulnerability |
VCID-7f2g-zz9p-sufc |
|
| 11 |
| vulnerability |
VCID-826d-vdw1-dbaj |
|
| 12 |
| vulnerability |
VCID-95kg-bk3s-g7gx |
|
| 13 |
| vulnerability |
VCID-axds-bd49-fbdj |
|
| 14 |
| vulnerability |
VCID-b423-t4kx-eqbq |
|
| 15 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 16 |
| vulnerability |
VCID-bmq3-uckn-tfhk |
|
| 17 |
| vulnerability |
VCID-brft-snn6-guc8 |
|
| 18 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 19 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 20 |
| vulnerability |
VCID-gnq4-v5a7-m3ew |
|
| 21 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 22 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 23 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 24 |
| vulnerability |
VCID-kva6-sjfx-rbe3 |
|
| 25 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 26 |
| vulnerability |
VCID-n2b8-e8fa-2ue1 |
|
| 27 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 28 |
| vulnerability |
VCID-p6cz-c9ah-c7cp |
|
| 29 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 30 |
| vulnerability |
VCID-rarq-tdjt-hff3 |
|
| 31 |
| vulnerability |
VCID-rnub-zmb6-5yhw |
|
| 32 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
| 33 |
| vulnerability |
VCID-xk7s-y611-mffc |
|
| 34 |
| vulnerability |
VCID-xn7b-vz2e-6qdh |
|
| 35 |
| vulnerability |
VCID-zcmk-4k97-kkd9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.4.6.0 |
|
| 1 |
| url |
pkg:pypi/ansible@2.5.6 |
| purl |
pkg:pypi/ansible@2.5.6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-3v1a-j6eq-57dk |
|
| 3 |
| vulnerability |
VCID-4331-d5yy-uybc |
|
| 4 |
| vulnerability |
VCID-46yu-yqv4-1ugb |
|
| 5 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 6 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 7 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 8 |
| vulnerability |
VCID-6hdk-ywcn-4qe4 |
|
| 9 |
| vulnerability |
VCID-6smx-ju23-8qes |
|
| 10 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 11 |
| vulnerability |
VCID-7f2g-zz9p-sufc |
|
| 12 |
| vulnerability |
VCID-826d-vdw1-dbaj |
|
| 13 |
| vulnerability |
VCID-95kg-bk3s-g7gx |
|
| 14 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 15 |
| vulnerability |
VCID-axds-bd49-fbdj |
|
| 16 |
| vulnerability |
VCID-b423-t4kx-eqbq |
|
| 17 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 18 |
| vulnerability |
VCID-bmq3-uckn-tfhk |
|
| 19 |
| vulnerability |
VCID-brft-snn6-guc8 |
|
| 20 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 21 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 22 |
| vulnerability |
VCID-gnq4-v5a7-m3ew |
|
| 23 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 24 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 25 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 26 |
| vulnerability |
VCID-kva6-sjfx-rbe3 |
|
| 27 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 28 |
| vulnerability |
VCID-n2b8-e8fa-2ue1 |
|
| 29 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 30 |
| vulnerability |
VCID-p6cz-c9ah-c7cp |
|
| 31 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 32 |
| vulnerability |
VCID-rarq-tdjt-hff3 |
|
| 33 |
| vulnerability |
VCID-rnub-zmb6-5yhw |
|
| 34 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
| 35 |
| vulnerability |
VCID-xk7s-y611-mffc |
|
| 36 |
| vulnerability |
VCID-xn7b-vz2e-6qdh |
|
| 37 |
| vulnerability |
VCID-zcmk-4k97-kkd9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.5.6 |
|
| 2 |
| url |
pkg:pypi/ansible@2.6.1 |
| purl |
pkg:pypi/ansible@2.6.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-39vn-b7y4-v3ez |
|
| 2 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 3 |
| vulnerability |
VCID-3v1a-j6eq-57dk |
|
| 4 |
| vulnerability |
VCID-4331-d5yy-uybc |
|
| 5 |
| vulnerability |
VCID-46yu-yqv4-1ugb |
|
| 6 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 7 |
| vulnerability |
VCID-52zf-mjec-f3d5 |
|
| 8 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 9 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 10 |
| vulnerability |
VCID-6hdk-ywcn-4qe4 |
|
| 11 |
| vulnerability |
VCID-6smx-ju23-8qes |
|
| 12 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 13 |
| vulnerability |
VCID-7f2g-zz9p-sufc |
|
| 14 |
| vulnerability |
VCID-826d-vdw1-dbaj |
|
| 15 |
| vulnerability |
VCID-95kg-bk3s-g7gx |
|
| 16 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 17 |
| vulnerability |
VCID-axds-bd49-fbdj |
|
| 18 |
| vulnerability |
VCID-b423-t4kx-eqbq |
|
| 19 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 20 |
| vulnerability |
VCID-bmq3-uckn-tfhk |
|
| 21 |
| vulnerability |
VCID-brft-snn6-guc8 |
|
| 22 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 23 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 24 |
| vulnerability |
VCID-gnq4-v5a7-m3ew |
|
| 25 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 26 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 27 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 28 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 29 |
| vulnerability |
VCID-n2b8-e8fa-2ue1 |
|
| 30 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 31 |
| vulnerability |
VCID-p6cz-c9ah-c7cp |
|
| 32 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 33 |
| vulnerability |
VCID-rarq-tdjt-hff3 |
|
| 34 |
| vulnerability |
VCID-rnub-zmb6-5yhw |
|
| 35 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
| 36 |
| vulnerability |
VCID-xk7s-y611-mffc |
|
| 37 |
| vulnerability |
VCID-xn7b-vz2e-6qdh |
|
| 38 |
| vulnerability |
VCID-zcmk-4k97-kkd9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.6.1 |
|
|
| aliases |
CVE-2018-10874, GHSA-3xvg-x47j-x75w, PYSEC-2018-81
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-qbws-64b9-83fc |
|
| 30 |
| url |
VCID-qtt6-8kf8-1fbt |
| vulnerability_id |
VCID-qtt6-8kf8-1fbt |
| summary |
information disclosure |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
| reference_url |
https://bugzilla.redhat.com/show_bug.cgi?id=1975767 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
5.5 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
|
| 1 |
| value |
6.8 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:09:25Z/ |
|
|
| url |
https://bugzilla.redhat.com/show_bug.cgi?id=1975767 |
|
| 8 |
|
| 9 |
| reference_url |
https://github.com/advisories/GHSA-4r65-35qq-ch8j |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
5.5 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
|
| 1 |
| value |
MODERATE |
| scoring_system |
cvssv3.1_qr |
| scoring_elements |
|
|
| 2 |
| value |
6.8 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N |
|
| 3 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/advisories/GHSA-4r65-35qq-ch8j |
|
| 10 |
| reference_url |
https://github.com/ansible/ansible |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
5.5 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
|
| 1 |
| value |
6.8 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/ansible/ansible |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
|
| fixed_packages |
|
| aliases |
CVE-2021-3620, GHSA-4r65-35qq-ch8j, PYSEC-2022-164
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-qtt6-8kf8-1fbt |
|
| 31 |
| url |
VCID-rarq-tdjt-hff3 |
| vulnerability_id |
VCID-rarq-tdjt-hff3 |
| summary |
A flaw was found in Ansible Engine when the module package or service is used and the parameter 'use' is not specified. If a previous task is executed with a malicious user, the module sent can be selected by the attacker using the ansible facts file. All versions in 2.7.x, 2.8.x and 2.9.x branches are believed to be vulnerable. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
| reference_url |
https://github.com/ansible/ansible |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
3.9 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L |
|
| 1 |
| value |
1.0 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:N/VI:N/VA:N/SC:N/SI:L/SA:L |
|
| 2 |
| value |
LOW |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/ansible/ansible |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/ansible@2.7.17 |
| purl |
pkg:pypi/ansible@2.7.17 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 3 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 4 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 5 |
| vulnerability |
VCID-6hdk-ywcn-4qe4 |
|
| 6 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 7 |
| vulnerability |
VCID-95kg-bk3s-g7gx |
|
| 8 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 9 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 10 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 11 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 12 |
| vulnerability |
VCID-gnq4-v5a7-m3ew |
|
| 13 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 14 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 15 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 16 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 17 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 18 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 19 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
| 20 |
| vulnerability |
VCID-zcmk-4k97-kkd9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.7.17 |
|
| 1 |
| url |
pkg:pypi/ansible@2.8.0a1 |
| purl |
pkg:pypi/ansible@2.8.0a1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-4331-d5yy-uybc |
|
| 3 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 4 |
| vulnerability |
VCID-4tfv-snmv-bbax |
|
| 5 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 6 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 7 |
| vulnerability |
VCID-6hdk-ywcn-4qe4 |
|
| 8 |
| vulnerability |
VCID-6smx-ju23-8qes |
|
| 9 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 10 |
| vulnerability |
VCID-7d8z-g99x-7qh2 |
|
| 11 |
| vulnerability |
VCID-95kg-bk3s-g7gx |
|
| 12 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 13 |
| vulnerability |
VCID-aq21-sp74-17gk |
|
| 14 |
| vulnerability |
VCID-axds-bd49-fbdj |
|
| 15 |
| vulnerability |
VCID-b423-t4kx-eqbq |
|
| 16 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 17 |
| vulnerability |
VCID-brft-snn6-guc8 |
|
| 18 |
| vulnerability |
VCID-bvsa-kz7r-zyea |
|
| 19 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 20 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 21 |
| vulnerability |
VCID-gnq4-v5a7-m3ew |
|
| 22 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 23 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 24 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 25 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 26 |
| vulnerability |
VCID-mk3k-n9wn-q3ct |
|
| 27 |
| vulnerability |
VCID-n2b8-e8fa-2ue1 |
|
| 28 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 29 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 30 |
| vulnerability |
VCID-rarq-tdjt-hff3 |
|
| 31 |
| vulnerability |
VCID-rnub-zmb6-5yhw |
|
| 32 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
| 33 |
| vulnerability |
VCID-xn7b-vz2e-6qdh |
|
| 34 |
| vulnerability |
VCID-xpfd-zdry-euh5 |
|
| 35 |
| vulnerability |
VCID-zcmk-4k97-kkd9 |
|
| 36 |
| vulnerability |
VCID-zjct-yufk-jkdg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.0a1 |
|
| 2 |
| url |
pkg:pypi/ansible@2.8.9 |
| purl |
pkg:pypi/ansible@2.8.9 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-4331-d5yy-uybc |
|
| 3 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 4 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 5 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 6 |
| vulnerability |
VCID-6hdk-ywcn-4qe4 |
|
| 7 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 8 |
| vulnerability |
VCID-7d8z-g99x-7qh2 |
|
| 9 |
| vulnerability |
VCID-95kg-bk3s-g7gx |
|
| 10 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 11 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 12 |
| vulnerability |
VCID-bvsa-kz7r-zyea |
|
| 13 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 14 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 15 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 16 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 17 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 18 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 19 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 20 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 21 |
| vulnerability |
VCID-tfhg-gzz2-7qc5 |
|
| 22 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
| 23 |
| vulnerability |
VCID-xpfd-zdry-euh5 |
|
| 24 |
| vulnerability |
VCID-zjct-yufk-jkdg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.9 |
|
| 3 |
| url |
pkg:pypi/ansible@2.9.6 |
| purl |
pkg:pypi/ansible@2.9.6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-4331-d5yy-uybc |
|
| 3 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 4 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 5 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 6 |
| vulnerability |
VCID-6hdk-ywcn-4qe4 |
|
| 7 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 8 |
| vulnerability |
VCID-7d8z-g99x-7qh2 |
|
| 9 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 10 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 11 |
| vulnerability |
VCID-bvsa-kz7r-zyea |
|
| 12 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 13 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 14 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 15 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 16 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 17 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 18 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 19 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 20 |
| vulnerability |
VCID-rarq-tdjt-hff3 |
|
| 21 |
| vulnerability |
VCID-tfhg-gzz2-7qc5 |
|
| 22 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
| 23 |
| vulnerability |
VCID-xpfd-zdry-euh5 |
|
| 24 |
| vulnerability |
VCID-ydka-2etb-hue9 |
|
| 25 |
| vulnerability |
VCID-zjct-yufk-jkdg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.6 |
|
|
| aliases |
CVE-2020-1738, GHSA-f85h-23mf-2fwh, PYSEC-2020-10
|
| risk_score |
1.4 |
| exploitability |
0.5 |
| weighted_severity |
2.7 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-rarq-tdjt-hff3 |
|
| 32 |
| url |
VCID-rnub-zmb6-5yhw |
| vulnerability_id |
VCID-rnub-zmb6-5yhw |
| summary |
A flaw was found in Ansible 2.7.16 and prior, 2.8.8 and prior, and 2.9.5 and prior when a password is set with the argument "password" of svn module, it is used on svn command line, disclosing to other users within the same node. An attacker could take advantage by reading the cmdline file from that particular PID on the procfs. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
| reference_url |
https://github.com/ansible/ansible |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
3.9 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N |
|
| 1 |
| value |
2.4 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
LOW |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/ansible/ansible |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
|
| 44 |
|
| 45 |
|
| 46 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/ansible@2.7.17 |
| purl |
pkg:pypi/ansible@2.7.17 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 3 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 4 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 5 |
| vulnerability |
VCID-6hdk-ywcn-4qe4 |
|
| 6 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 7 |
| vulnerability |
VCID-95kg-bk3s-g7gx |
|
| 8 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 9 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 10 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 11 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 12 |
| vulnerability |
VCID-gnq4-v5a7-m3ew |
|
| 13 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 14 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 15 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 16 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 17 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 18 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 19 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
| 20 |
| vulnerability |
VCID-zcmk-4k97-kkd9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.7.17 |
|
| 1 |
| url |
pkg:pypi/ansible@2.8.0a1 |
| purl |
pkg:pypi/ansible@2.8.0a1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-4331-d5yy-uybc |
|
| 3 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 4 |
| vulnerability |
VCID-4tfv-snmv-bbax |
|
| 5 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 6 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 7 |
| vulnerability |
VCID-6hdk-ywcn-4qe4 |
|
| 8 |
| vulnerability |
VCID-6smx-ju23-8qes |
|
| 9 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 10 |
| vulnerability |
VCID-7d8z-g99x-7qh2 |
|
| 11 |
| vulnerability |
VCID-95kg-bk3s-g7gx |
|
| 12 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 13 |
| vulnerability |
VCID-aq21-sp74-17gk |
|
| 14 |
| vulnerability |
VCID-axds-bd49-fbdj |
|
| 15 |
| vulnerability |
VCID-b423-t4kx-eqbq |
|
| 16 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 17 |
| vulnerability |
VCID-brft-snn6-guc8 |
|
| 18 |
| vulnerability |
VCID-bvsa-kz7r-zyea |
|
| 19 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 20 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 21 |
| vulnerability |
VCID-gnq4-v5a7-m3ew |
|
| 22 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 23 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 24 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 25 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 26 |
| vulnerability |
VCID-mk3k-n9wn-q3ct |
|
| 27 |
| vulnerability |
VCID-n2b8-e8fa-2ue1 |
|
| 28 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 29 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 30 |
| vulnerability |
VCID-rarq-tdjt-hff3 |
|
| 31 |
| vulnerability |
VCID-rnub-zmb6-5yhw |
|
| 32 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
| 33 |
| vulnerability |
VCID-xn7b-vz2e-6qdh |
|
| 34 |
| vulnerability |
VCID-xpfd-zdry-euh5 |
|
| 35 |
| vulnerability |
VCID-zcmk-4k97-kkd9 |
|
| 36 |
| vulnerability |
VCID-zjct-yufk-jkdg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.0a1 |
|
| 2 |
| url |
pkg:pypi/ansible@2.8.9 |
| purl |
pkg:pypi/ansible@2.8.9 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-4331-d5yy-uybc |
|
| 3 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 4 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 5 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 6 |
| vulnerability |
VCID-6hdk-ywcn-4qe4 |
|
| 7 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 8 |
| vulnerability |
VCID-7d8z-g99x-7qh2 |
|
| 9 |
| vulnerability |
VCID-95kg-bk3s-g7gx |
|
| 10 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 11 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 12 |
| vulnerability |
VCID-bvsa-kz7r-zyea |
|
| 13 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 14 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 15 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 16 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 17 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 18 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 19 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 20 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 21 |
| vulnerability |
VCID-tfhg-gzz2-7qc5 |
|
| 22 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
| 23 |
| vulnerability |
VCID-xpfd-zdry-euh5 |
|
| 24 |
| vulnerability |
VCID-zjct-yufk-jkdg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.9 |
|
| 3 |
| url |
pkg:pypi/ansible@2.8.11 |
| purl |
pkg:pypi/ansible@2.8.11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 3 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 4 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 5 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 6 |
| vulnerability |
VCID-7d8z-g99x-7qh2 |
|
| 7 |
| vulnerability |
VCID-95kg-bk3s-g7gx |
|
| 8 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 9 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 10 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 11 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 12 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 13 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 14 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 15 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 16 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 17 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 18 |
| vulnerability |
VCID-tfhg-gzz2-7qc5 |
|
| 19 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.11 |
|
| 4 |
| url |
pkg:pypi/ansible@2.9.6 |
| purl |
pkg:pypi/ansible@2.9.6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-4331-d5yy-uybc |
|
| 3 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 4 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 5 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 6 |
| vulnerability |
VCID-6hdk-ywcn-4qe4 |
|
| 7 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 8 |
| vulnerability |
VCID-7d8z-g99x-7qh2 |
|
| 9 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 10 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 11 |
| vulnerability |
VCID-bvsa-kz7r-zyea |
|
| 12 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 13 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 14 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 15 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 16 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 17 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 18 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 19 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 20 |
| vulnerability |
VCID-rarq-tdjt-hff3 |
|
| 21 |
| vulnerability |
VCID-tfhg-gzz2-7qc5 |
|
| 22 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
| 23 |
| vulnerability |
VCID-xpfd-zdry-euh5 |
|
| 24 |
| vulnerability |
VCID-ydka-2etb-hue9 |
|
| 25 |
| vulnerability |
VCID-zjct-yufk-jkdg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.6 |
|
| 5 |
| url |
pkg:pypi/ansible@2.9.7 |
| purl |
pkg:pypi/ansible@2.9.7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 3 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 4 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 5 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 6 |
| vulnerability |
VCID-7d8z-g99x-7qh2 |
|
| 7 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 8 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 9 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 10 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 11 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 12 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 13 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 14 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 15 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 16 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 17 |
| vulnerability |
VCID-tfhg-gzz2-7qc5 |
|
| 18 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.7 |
|
|
| aliases |
CVE-2020-1739, GHSA-923p-fr2c-g5m2, PYSEC-2020-11
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-rnub-zmb6-5yhw |
|
| 33 |
| url |
VCID-s2w1-fedq-ckes |
| vulnerability_id |
VCID-s2w1-fedq-ckes |
| summary |
Ansible before version 2.3 has an input validation vulnerability in the handling of data sent from client systems. An attacker with control over a client system being managed by Ansible, and the ability to send facts back to the Ansible server, could use this flaw to execute arbitrary code on the Ansible server using the Ansible server privileges. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
| reference_url |
https://github.com/ansible/ansible |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
8.0 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H |
|
| 1 |
| value |
8.6 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N |
|
| 2 |
| value |
HIGH |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/ansible/ansible |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/ansible@2.3.0.0 |
| purl |
pkg:pypi/ansible@2.3.0.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-4331-d5yy-uybc |
|
| 3 |
| vulnerability |
VCID-46yu-yqv4-1ugb |
|
| 4 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 5 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 6 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 7 |
| vulnerability |
VCID-664v-ms96-jfd2 |
|
| 8 |
| vulnerability |
VCID-6hdk-ywcn-4qe4 |
|
| 9 |
| vulnerability |
VCID-6smx-ju23-8qes |
|
| 10 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 11 |
| vulnerability |
VCID-7f2g-zz9p-sufc |
|
| 12 |
| vulnerability |
VCID-826d-vdw1-dbaj |
|
| 13 |
| vulnerability |
VCID-95kg-bk3s-g7gx |
|
| 14 |
| vulnerability |
VCID-a79h-gfcm-13cq |
|
| 15 |
| vulnerability |
VCID-axds-bd49-fbdj |
|
| 16 |
| vulnerability |
VCID-b423-t4kx-eqbq |
|
| 17 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 18 |
| vulnerability |
VCID-bmq3-uckn-tfhk |
|
| 19 |
| vulnerability |
VCID-brft-snn6-guc8 |
|
| 20 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 21 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 22 |
| vulnerability |
VCID-gnq4-v5a7-m3ew |
|
| 23 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 24 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 25 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 26 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 27 |
| vulnerability |
VCID-n2b8-e8fa-2ue1 |
|
| 28 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 29 |
| vulnerability |
VCID-p6cz-c9ah-c7cp |
|
| 30 |
| vulnerability |
VCID-qbws-64b9-83fc |
|
| 31 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 32 |
| vulnerability |
VCID-rarq-tdjt-hff3 |
|
| 33 |
| vulnerability |
VCID-rnub-zmb6-5yhw |
|
| 34 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
| 35 |
| vulnerability |
VCID-xk7s-y611-mffc |
|
| 36 |
| vulnerability |
VCID-xn7b-vz2e-6qdh |
|
| 37 |
| vulnerability |
VCID-zcmk-4k97-kkd9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.3.0.0 |
|
|
| aliases |
CVE-2017-7466, GHSA-3m8p-xpm6-8ww3, PYSEC-2018-40
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-s2w1-fedq-ckes |
|
| 34 |
| url |
VCID-uvca-5e2n-pqew |
| vulnerability_id |
VCID-uvca-5e2n-pqew |
| summary |
information disclosure |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/ansible@2.8.19rc1 |
| purl |
pkg:pypi/ansible@2.8.19rc1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 3 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 4 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 5 |
| vulnerability |
VCID-95kg-bk3s-g7gx |
|
| 6 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 7 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 8 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 9 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 10 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 11 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 12 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 13 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 14 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 15 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 16 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.19rc1 |
|
| 1 |
| url |
pkg:pypi/ansible@2.8.19 |
| purl |
pkg:pypi/ansible@2.8.19 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 3 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 4 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 5 |
| vulnerability |
VCID-95kg-bk3s-g7gx |
|
| 6 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 7 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 8 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 9 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 10 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 11 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 12 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 13 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 14 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 15 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.19 |
|
| 2 |
| url |
pkg:pypi/ansible@2.9.18rc1 |
| purl |
pkg:pypi/ansible@2.9.18rc1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 3 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 4 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 5 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 6 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 7 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 8 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 9 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 10 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 11 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 12 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 13 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 14 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.18rc1 |
|
| 3 |
| url |
pkg:pypi/ansible@2.9.18 |
| purl |
pkg:pypi/ansible@2.9.18 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 3 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 4 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 5 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 6 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 7 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 8 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 9 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 10 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.18 |
|
| 4 |
|
|
| aliases |
CVE-2021-20191, GHSA-8f4m-hccc-8qph, PYSEC-2021-124
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-uvca-5e2n-pqew |
|
| 35 |
| url |
VCID-xk7s-y611-mffc |
| vulnerability_id |
VCID-xk7s-y611-mffc |
| summary |
A flaw was discovered in the way Ansible templating was implemented in versions before 2.6.18, 2.7.12 and 2.8.2, causing the possibility of information disclosure through unexpected variable substitution. By taking advantage of unintended variable substitution the content of any variable may be disclosed. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/ansible@2.6.18 |
| purl |
pkg:pypi/ansible@2.6.18 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-39vn-b7y4-v3ez |
|
| 2 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 3 |
| vulnerability |
VCID-4331-d5yy-uybc |
|
| 4 |
| vulnerability |
VCID-46yu-yqv4-1ugb |
|
| 5 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 6 |
| vulnerability |
VCID-52zf-mjec-f3d5 |
|
| 7 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 8 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 9 |
| vulnerability |
VCID-6hdk-ywcn-4qe4 |
|
| 10 |
| vulnerability |
VCID-6smx-ju23-8qes |
|
| 11 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 12 |
| vulnerability |
VCID-95kg-bk3s-g7gx |
|
| 13 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 14 |
| vulnerability |
VCID-axds-bd49-fbdj |
|
| 15 |
| vulnerability |
VCID-b423-t4kx-eqbq |
|
| 16 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 17 |
| vulnerability |
VCID-brft-snn6-guc8 |
|
| 18 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 19 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 20 |
| vulnerability |
VCID-gnq4-v5a7-m3ew |
|
| 21 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 22 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 23 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 24 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 25 |
| vulnerability |
VCID-n2b8-e8fa-2ue1 |
|
| 26 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 27 |
| vulnerability |
VCID-p6cz-c9ah-c7cp |
|
| 28 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 29 |
| vulnerability |
VCID-rarq-tdjt-hff3 |
|
| 30 |
| vulnerability |
VCID-rnub-zmb6-5yhw |
|
| 31 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.6.18 |
|
| 1 |
| url |
pkg:pypi/ansible@2.7.12 |
| purl |
pkg:pypi/ansible@2.7.12 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-39vn-b7y4-v3ez |
|
| 2 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 3 |
| vulnerability |
VCID-4331-d5yy-uybc |
|
| 4 |
| vulnerability |
VCID-46yu-yqv4-1ugb |
|
| 5 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 6 |
| vulnerability |
VCID-4tfv-snmv-bbax |
|
| 7 |
| vulnerability |
VCID-52zf-mjec-f3d5 |
|
| 8 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 9 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 10 |
| vulnerability |
VCID-6hdk-ywcn-4qe4 |
|
| 11 |
| vulnerability |
VCID-6smx-ju23-8qes |
|
| 12 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 13 |
| vulnerability |
VCID-95kg-bk3s-g7gx |
|
| 14 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 15 |
| vulnerability |
VCID-aq21-sp74-17gk |
|
| 16 |
| vulnerability |
VCID-axds-bd49-fbdj |
|
| 17 |
| vulnerability |
VCID-b423-t4kx-eqbq |
|
| 18 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 19 |
| vulnerability |
VCID-brft-snn6-guc8 |
|
| 20 |
| vulnerability |
VCID-bvsa-kz7r-zyea |
|
| 21 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 22 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 23 |
| vulnerability |
VCID-gnq4-v5a7-m3ew |
|
| 24 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 25 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 26 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 27 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 28 |
| vulnerability |
VCID-n2b8-e8fa-2ue1 |
|
| 29 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 30 |
| vulnerability |
VCID-p6cz-c9ah-c7cp |
|
| 31 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 32 |
| vulnerability |
VCID-rarq-tdjt-hff3 |
|
| 33 |
| vulnerability |
VCID-rnub-zmb6-5yhw |
|
| 34 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
| 35 |
| vulnerability |
VCID-vctt-ev3n-zkf8 |
|
| 36 |
| vulnerability |
VCID-xpfd-zdry-euh5 |
|
| 37 |
| vulnerability |
VCID-zcmk-4k97-kkd9 |
|
| 38 |
| vulnerability |
VCID-zjct-yufk-jkdg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.7.12 |
|
| 2 |
| url |
pkg:pypi/ansible@2.8.2 |
| purl |
pkg:pypi/ansible@2.8.2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-39vn-b7y4-v3ez |
|
| 2 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 3 |
| vulnerability |
VCID-4331-d5yy-uybc |
|
| 4 |
| vulnerability |
VCID-46yu-yqv4-1ugb |
|
| 5 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 6 |
| vulnerability |
VCID-4tfv-snmv-bbax |
|
| 7 |
| vulnerability |
VCID-52zf-mjec-f3d5 |
|
| 8 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 9 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 10 |
| vulnerability |
VCID-6hdk-ywcn-4qe4 |
|
| 11 |
| vulnerability |
VCID-6smx-ju23-8qes |
|
| 12 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 13 |
| vulnerability |
VCID-7d8z-g99x-7qh2 |
|
| 14 |
| vulnerability |
VCID-95kg-bk3s-g7gx |
|
| 15 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 16 |
| vulnerability |
VCID-aq21-sp74-17gk |
|
| 17 |
| vulnerability |
VCID-axds-bd49-fbdj |
|
| 18 |
| vulnerability |
VCID-b423-t4kx-eqbq |
|
| 19 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 20 |
| vulnerability |
VCID-brft-snn6-guc8 |
|
| 21 |
| vulnerability |
VCID-bvsa-kz7r-zyea |
|
| 22 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 23 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 24 |
| vulnerability |
VCID-gnq4-v5a7-m3ew |
|
| 25 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 26 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 27 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 28 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 29 |
| vulnerability |
VCID-mk3k-n9wn-q3ct |
|
| 30 |
| vulnerability |
VCID-n2b8-e8fa-2ue1 |
|
| 31 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 32 |
| vulnerability |
VCID-p6cz-c9ah-c7cp |
|
| 33 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 34 |
| vulnerability |
VCID-rarq-tdjt-hff3 |
|
| 35 |
| vulnerability |
VCID-rnub-zmb6-5yhw |
|
| 36 |
| vulnerability |
VCID-sdv2-h8d8-9ydj |
|
| 37 |
| vulnerability |
VCID-tfhg-gzz2-7qc5 |
|
| 38 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
| 39 |
| vulnerability |
VCID-vctt-ev3n-zkf8 |
|
| 40 |
| vulnerability |
VCID-xpfd-zdry-euh5 |
|
| 41 |
| vulnerability |
VCID-zjct-yufk-jkdg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.2 |
|
|
| aliases |
PYSEC-2019-72
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-xk7s-y611-mffc |
|
| 36 |
| url |
VCID-xn7b-vz2e-6qdh |
| vulnerability_id |
VCID-xn7b-vz2e-6qdh |
| summary |
A flaw was discovered in the way Ansible templating was implemented in versions before 2.6.18, 2.7.12 and 2.8.2, causing the possibility of information disclosure through unexpected variable substitution. By taking advantage of unintended variable substitution the content of any variable may be disclosed. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
| reference_url |
https://github.com/advisories/GHSA-grgm-pph5-j5h7 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
5.4 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N |
|
| 1 |
| value |
MODERATE |
| scoring_system |
cvssv3.1_qr |
| scoring_elements |
|
|
| 2 |
| value |
5.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N |
|
| 3 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/advisories/GHSA-grgm-pph5-j5h7 |
|
| 25 |
| reference_url |
https://github.com/ansible/ansible |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
5.4 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N |
|
| 1 |
| value |
5.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/ansible/ansible |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/ansible@2.6.18 |
| purl |
pkg:pypi/ansible@2.6.18 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-39vn-b7y4-v3ez |
|
| 2 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 3 |
| vulnerability |
VCID-4331-d5yy-uybc |
|
| 4 |
| vulnerability |
VCID-46yu-yqv4-1ugb |
|
| 5 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 6 |
| vulnerability |
VCID-52zf-mjec-f3d5 |
|
| 7 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 8 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 9 |
| vulnerability |
VCID-6hdk-ywcn-4qe4 |
|
| 10 |
| vulnerability |
VCID-6smx-ju23-8qes |
|
| 11 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 12 |
| vulnerability |
VCID-95kg-bk3s-g7gx |
|
| 13 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 14 |
| vulnerability |
VCID-axds-bd49-fbdj |
|
| 15 |
| vulnerability |
VCID-b423-t4kx-eqbq |
|
| 16 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 17 |
| vulnerability |
VCID-brft-snn6-guc8 |
|
| 18 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 19 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 20 |
| vulnerability |
VCID-gnq4-v5a7-m3ew |
|
| 21 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 22 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 23 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 24 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 25 |
| vulnerability |
VCID-n2b8-e8fa-2ue1 |
|
| 26 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 27 |
| vulnerability |
VCID-p6cz-c9ah-c7cp |
|
| 28 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 29 |
| vulnerability |
VCID-rarq-tdjt-hff3 |
|
| 30 |
| vulnerability |
VCID-rnub-zmb6-5yhw |
|
| 31 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.6.18 |
|
| 1 |
| url |
pkg:pypi/ansible@2.7.12 |
| purl |
pkg:pypi/ansible@2.7.12 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-39vn-b7y4-v3ez |
|
| 2 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 3 |
| vulnerability |
VCID-4331-d5yy-uybc |
|
| 4 |
| vulnerability |
VCID-46yu-yqv4-1ugb |
|
| 5 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 6 |
| vulnerability |
VCID-4tfv-snmv-bbax |
|
| 7 |
| vulnerability |
VCID-52zf-mjec-f3d5 |
|
| 8 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 9 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 10 |
| vulnerability |
VCID-6hdk-ywcn-4qe4 |
|
| 11 |
| vulnerability |
VCID-6smx-ju23-8qes |
|
| 12 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 13 |
| vulnerability |
VCID-95kg-bk3s-g7gx |
|
| 14 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 15 |
| vulnerability |
VCID-aq21-sp74-17gk |
|
| 16 |
| vulnerability |
VCID-axds-bd49-fbdj |
|
| 17 |
| vulnerability |
VCID-b423-t4kx-eqbq |
|
| 18 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 19 |
| vulnerability |
VCID-brft-snn6-guc8 |
|
| 20 |
| vulnerability |
VCID-bvsa-kz7r-zyea |
|
| 21 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 22 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 23 |
| vulnerability |
VCID-gnq4-v5a7-m3ew |
|
| 24 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 25 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 26 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 27 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 28 |
| vulnerability |
VCID-n2b8-e8fa-2ue1 |
|
| 29 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 30 |
| vulnerability |
VCID-p6cz-c9ah-c7cp |
|
| 31 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 32 |
| vulnerability |
VCID-rarq-tdjt-hff3 |
|
| 33 |
| vulnerability |
VCID-rnub-zmb6-5yhw |
|
| 34 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
| 35 |
| vulnerability |
VCID-vctt-ev3n-zkf8 |
|
| 36 |
| vulnerability |
VCID-xpfd-zdry-euh5 |
|
| 37 |
| vulnerability |
VCID-zcmk-4k97-kkd9 |
|
| 38 |
| vulnerability |
VCID-zjct-yufk-jkdg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.7.12 |
|
| 2 |
| url |
pkg:pypi/ansible@2.8.2 |
| purl |
pkg:pypi/ansible@2.8.2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-39vn-b7y4-v3ez |
|
| 2 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 3 |
| vulnerability |
VCID-4331-d5yy-uybc |
|
| 4 |
| vulnerability |
VCID-46yu-yqv4-1ugb |
|
| 5 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 6 |
| vulnerability |
VCID-4tfv-snmv-bbax |
|
| 7 |
| vulnerability |
VCID-52zf-mjec-f3d5 |
|
| 8 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 9 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 10 |
| vulnerability |
VCID-6hdk-ywcn-4qe4 |
|
| 11 |
| vulnerability |
VCID-6smx-ju23-8qes |
|
| 12 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 13 |
| vulnerability |
VCID-7d8z-g99x-7qh2 |
|
| 14 |
| vulnerability |
VCID-95kg-bk3s-g7gx |
|
| 15 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 16 |
| vulnerability |
VCID-aq21-sp74-17gk |
|
| 17 |
| vulnerability |
VCID-axds-bd49-fbdj |
|
| 18 |
| vulnerability |
VCID-b423-t4kx-eqbq |
|
| 19 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 20 |
| vulnerability |
VCID-brft-snn6-guc8 |
|
| 21 |
| vulnerability |
VCID-bvsa-kz7r-zyea |
|
| 22 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 23 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 24 |
| vulnerability |
VCID-gnq4-v5a7-m3ew |
|
| 25 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 26 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 27 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 28 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 29 |
| vulnerability |
VCID-mk3k-n9wn-q3ct |
|
| 30 |
| vulnerability |
VCID-n2b8-e8fa-2ue1 |
|
| 31 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 32 |
| vulnerability |
VCID-p6cz-c9ah-c7cp |
|
| 33 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 34 |
| vulnerability |
VCID-rarq-tdjt-hff3 |
|
| 35 |
| vulnerability |
VCID-rnub-zmb6-5yhw |
|
| 36 |
| vulnerability |
VCID-sdv2-h8d8-9ydj |
|
| 37 |
| vulnerability |
VCID-tfhg-gzz2-7qc5 |
|
| 38 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
| 39 |
| vulnerability |
VCID-vctt-ev3n-zkf8 |
|
| 40 |
| vulnerability |
VCID-xpfd-zdry-euh5 |
|
| 41 |
| vulnerability |
VCID-zjct-yufk-jkdg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.2 |
|
|
| aliases |
CVE-2019-10156, GHSA-grgm-pph5-j5h7, PYSEC-2019-2
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-xn7b-vz2e-6qdh |
|
| 37 |
| url |
VCID-zcmk-4k97-kkd9 |
| vulnerability_id |
VCID-zcmk-4k97-kkd9 |
| summary |
Execution of Ansible playbooks on Windows platforms with PowerShell ScriptBlock logging and Module logging enabled can allow for 'become' passwords to appear in EventLogs in plaintext. A local user with administrator privileges on the machine can view these logs and discover the plaintext password. Ansible Engine 2.8 and older are believed to be vulnerable. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
| reference_url |
https://github.com/ansible/ansible |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
4.4 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N |
|
| 1 |
| value |
6.7 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/ansible/ansible |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/ansible@2.5.12 |
| purl |
pkg:pypi/ansible@2.5.12 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-3v1a-j6eq-57dk |
|
| 3 |
| vulnerability |
VCID-4331-d5yy-uybc |
|
| 4 |
| vulnerability |
VCID-46yu-yqv4-1ugb |
|
| 5 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 6 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 7 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 8 |
| vulnerability |
VCID-6hdk-ywcn-4qe4 |
|
| 9 |
| vulnerability |
VCID-6smx-ju23-8qes |
|
| 10 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 11 |
| vulnerability |
VCID-7f2g-zz9p-sufc |
|
| 12 |
| vulnerability |
VCID-95kg-bk3s-g7gx |
|
| 13 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 14 |
| vulnerability |
VCID-axds-bd49-fbdj |
|
| 15 |
| vulnerability |
VCID-b423-t4kx-eqbq |
|
| 16 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 17 |
| vulnerability |
VCID-bmq3-uckn-tfhk |
|
| 18 |
| vulnerability |
VCID-brft-snn6-guc8 |
|
| 19 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 20 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 21 |
| vulnerability |
VCID-gnq4-v5a7-m3ew |
|
| 22 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 23 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 24 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 25 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 26 |
| vulnerability |
VCID-n2b8-e8fa-2ue1 |
|
| 27 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 28 |
| vulnerability |
VCID-p6cz-c9ah-c7cp |
|
| 29 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 30 |
| vulnerability |
VCID-rarq-tdjt-hff3 |
|
| 31 |
| vulnerability |
VCID-rnub-zmb6-5yhw |
|
| 32 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
| 33 |
| vulnerability |
VCID-xk7s-y611-mffc |
|
| 34 |
| vulnerability |
VCID-xn7b-vz2e-6qdh |
|
| 35 |
| vulnerability |
VCID-zcmk-4k97-kkd9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.5.12 |
|
| 1 |
| url |
pkg:pypi/ansible@2.5.13 |
| purl |
pkg:pypi/ansible@2.5.13 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 2 |
| vulnerability |
VCID-3v1a-j6eq-57dk |
|
| 3 |
| vulnerability |
VCID-4331-d5yy-uybc |
|
| 4 |
| vulnerability |
VCID-46yu-yqv4-1ugb |
|
| 5 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 6 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 7 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 8 |
| vulnerability |
VCID-6hdk-ywcn-4qe4 |
|
| 9 |
| vulnerability |
VCID-6smx-ju23-8qes |
|
| 10 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 11 |
| vulnerability |
VCID-7f2g-zz9p-sufc |
|
| 12 |
| vulnerability |
VCID-95kg-bk3s-g7gx |
|
| 13 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 14 |
| vulnerability |
VCID-axds-bd49-fbdj |
|
| 15 |
| vulnerability |
VCID-b423-t4kx-eqbq |
|
| 16 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 17 |
| vulnerability |
VCID-bmq3-uckn-tfhk |
|
| 18 |
| vulnerability |
VCID-brft-snn6-guc8 |
|
| 19 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 20 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 21 |
| vulnerability |
VCID-gnq4-v5a7-m3ew |
|
| 22 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 23 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 24 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 25 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 26 |
| vulnerability |
VCID-n2b8-e8fa-2ue1 |
|
| 27 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 28 |
| vulnerability |
VCID-p6cz-c9ah-c7cp |
|
| 29 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 30 |
| vulnerability |
VCID-rarq-tdjt-hff3 |
|
| 31 |
| vulnerability |
VCID-rnub-zmb6-5yhw |
|
| 32 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
| 33 |
| vulnerability |
VCID-xk7s-y611-mffc |
|
| 34 |
| vulnerability |
VCID-xn7b-vz2e-6qdh |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.5.13 |
|
| 2 |
| url |
pkg:pypi/ansible@2.6.9 |
| purl |
pkg:pypi/ansible@2.6.9 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-39vn-b7y4-v3ez |
|
| 2 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 3 |
| vulnerability |
VCID-3v1a-j6eq-57dk |
|
| 4 |
| vulnerability |
VCID-4331-d5yy-uybc |
|
| 5 |
| vulnerability |
VCID-46yu-yqv4-1ugb |
|
| 6 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 7 |
| vulnerability |
VCID-52zf-mjec-f3d5 |
|
| 8 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 9 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 10 |
| vulnerability |
VCID-6hdk-ywcn-4qe4 |
|
| 11 |
| vulnerability |
VCID-6smx-ju23-8qes |
|
| 12 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 13 |
| vulnerability |
VCID-7f2g-zz9p-sufc |
|
| 14 |
| vulnerability |
VCID-95kg-bk3s-g7gx |
|
| 15 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 16 |
| vulnerability |
VCID-axds-bd49-fbdj |
|
| 17 |
| vulnerability |
VCID-b423-t4kx-eqbq |
|
| 18 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 19 |
| vulnerability |
VCID-bmq3-uckn-tfhk |
|
| 20 |
| vulnerability |
VCID-brft-snn6-guc8 |
|
| 21 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 22 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 23 |
| vulnerability |
VCID-gnq4-v5a7-m3ew |
|
| 24 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 25 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 26 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 27 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 28 |
| vulnerability |
VCID-n2b8-e8fa-2ue1 |
|
| 29 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 30 |
| vulnerability |
VCID-p6cz-c9ah-c7cp |
|
| 31 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 32 |
| vulnerability |
VCID-rarq-tdjt-hff3 |
|
| 33 |
| vulnerability |
VCID-rnub-zmb6-5yhw |
|
| 34 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
| 35 |
| vulnerability |
VCID-xk7s-y611-mffc |
|
| 36 |
| vulnerability |
VCID-xn7b-vz2e-6qdh |
|
| 37 |
| vulnerability |
VCID-zcmk-4k97-kkd9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.6.9 |
|
| 3 |
| url |
pkg:pypi/ansible@2.6.10 |
| purl |
pkg:pypi/ansible@2.6.10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-39vn-b7y4-v3ez |
|
| 2 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 3 |
| vulnerability |
VCID-3v1a-j6eq-57dk |
|
| 4 |
| vulnerability |
VCID-4331-d5yy-uybc |
|
| 5 |
| vulnerability |
VCID-46yu-yqv4-1ugb |
|
| 6 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 7 |
| vulnerability |
VCID-52zf-mjec-f3d5 |
|
| 8 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 9 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 10 |
| vulnerability |
VCID-6hdk-ywcn-4qe4 |
|
| 11 |
| vulnerability |
VCID-6smx-ju23-8qes |
|
| 12 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 13 |
| vulnerability |
VCID-7f2g-zz9p-sufc |
|
| 14 |
| vulnerability |
VCID-95kg-bk3s-g7gx |
|
| 15 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 16 |
| vulnerability |
VCID-axds-bd49-fbdj |
|
| 17 |
| vulnerability |
VCID-b423-t4kx-eqbq |
|
| 18 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 19 |
| vulnerability |
VCID-bmq3-uckn-tfhk |
|
| 20 |
| vulnerability |
VCID-brft-snn6-guc8 |
|
| 21 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 22 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 23 |
| vulnerability |
VCID-gnq4-v5a7-m3ew |
|
| 24 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 25 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 26 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 27 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 28 |
| vulnerability |
VCID-n2b8-e8fa-2ue1 |
|
| 29 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 30 |
| vulnerability |
VCID-p6cz-c9ah-c7cp |
|
| 31 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 32 |
| vulnerability |
VCID-rarq-tdjt-hff3 |
|
| 33 |
| vulnerability |
VCID-rnub-zmb6-5yhw |
|
| 34 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
| 35 |
| vulnerability |
VCID-xk7s-y611-mffc |
|
| 36 |
| vulnerability |
VCID-xn7b-vz2e-6qdh |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.6.10 |
|
| 4 |
| url |
pkg:pypi/ansible@2.7.3 |
| purl |
pkg:pypi/ansible@2.7.3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-39vn-b7y4-v3ez |
|
| 2 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 3 |
| vulnerability |
VCID-3v1a-j6eq-57dk |
|
| 4 |
| vulnerability |
VCID-4331-d5yy-uybc |
|
| 5 |
| vulnerability |
VCID-46yu-yqv4-1ugb |
|
| 6 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 7 |
| vulnerability |
VCID-4tfv-snmv-bbax |
|
| 8 |
| vulnerability |
VCID-52zf-mjec-f3d5 |
|
| 9 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 10 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 11 |
| vulnerability |
VCID-6hdk-ywcn-4qe4 |
|
| 12 |
| vulnerability |
VCID-6smx-ju23-8qes |
|
| 13 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 14 |
| vulnerability |
VCID-7f2g-zz9p-sufc |
|
| 15 |
| vulnerability |
VCID-95kg-bk3s-g7gx |
|
| 16 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 17 |
| vulnerability |
VCID-aq21-sp74-17gk |
|
| 18 |
| vulnerability |
VCID-axds-bd49-fbdj |
|
| 19 |
| vulnerability |
VCID-b423-t4kx-eqbq |
|
| 20 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 21 |
| vulnerability |
VCID-bmq3-uckn-tfhk |
|
| 22 |
| vulnerability |
VCID-brft-snn6-guc8 |
|
| 23 |
| vulnerability |
VCID-bvsa-kz7r-zyea |
|
| 24 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 25 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 26 |
| vulnerability |
VCID-gnq4-v5a7-m3ew |
|
| 27 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 28 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 29 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 30 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 31 |
| vulnerability |
VCID-n2b8-e8fa-2ue1 |
|
| 32 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 33 |
| vulnerability |
VCID-p6cz-c9ah-c7cp |
|
| 34 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 35 |
| vulnerability |
VCID-rarq-tdjt-hff3 |
|
| 36 |
| vulnerability |
VCID-rnub-zmb6-5yhw |
|
| 37 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
| 38 |
| vulnerability |
VCID-vctt-ev3n-zkf8 |
|
| 39 |
| vulnerability |
VCID-xk7s-y611-mffc |
|
| 40 |
| vulnerability |
VCID-xn7b-vz2e-6qdh |
|
| 41 |
| vulnerability |
VCID-xpfd-zdry-euh5 |
|
| 42 |
| vulnerability |
VCID-zcmk-4k97-kkd9 |
|
| 43 |
| vulnerability |
VCID-zjct-yufk-jkdg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.7.3 |
|
| 5 |
| url |
pkg:pypi/ansible@2.7.4 |
| purl |
pkg:pypi/ansible@2.7.4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-39vn-b7y4-v3ez |
|
| 2 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 3 |
| vulnerability |
VCID-3v1a-j6eq-57dk |
|
| 4 |
| vulnerability |
VCID-4331-d5yy-uybc |
|
| 5 |
| vulnerability |
VCID-46yu-yqv4-1ugb |
|
| 6 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 7 |
| vulnerability |
VCID-4tfv-snmv-bbax |
|
| 8 |
| vulnerability |
VCID-52zf-mjec-f3d5 |
|
| 9 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 10 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 11 |
| vulnerability |
VCID-6hdk-ywcn-4qe4 |
|
| 12 |
| vulnerability |
VCID-6smx-ju23-8qes |
|
| 13 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 14 |
| vulnerability |
VCID-7f2g-zz9p-sufc |
|
| 15 |
| vulnerability |
VCID-95kg-bk3s-g7gx |
|
| 16 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 17 |
| vulnerability |
VCID-aq21-sp74-17gk |
|
| 18 |
| vulnerability |
VCID-axds-bd49-fbdj |
|
| 19 |
| vulnerability |
VCID-b423-t4kx-eqbq |
|
| 20 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 21 |
| vulnerability |
VCID-bmq3-uckn-tfhk |
|
| 22 |
| vulnerability |
VCID-brft-snn6-guc8 |
|
| 23 |
| vulnerability |
VCID-bvsa-kz7r-zyea |
|
| 24 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 25 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 26 |
| vulnerability |
VCID-gnq4-v5a7-m3ew |
|
| 27 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 28 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 29 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 30 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 31 |
| vulnerability |
VCID-n2b8-e8fa-2ue1 |
|
| 32 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 33 |
| vulnerability |
VCID-p6cz-c9ah-c7cp |
|
| 34 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 35 |
| vulnerability |
VCID-rarq-tdjt-hff3 |
|
| 36 |
| vulnerability |
VCID-rnub-zmb6-5yhw |
|
| 37 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
| 38 |
| vulnerability |
VCID-vctt-ev3n-zkf8 |
|
| 39 |
| vulnerability |
VCID-xk7s-y611-mffc |
|
| 40 |
| vulnerability |
VCID-xn7b-vz2e-6qdh |
|
| 41 |
| vulnerability |
VCID-xpfd-zdry-euh5 |
|
| 42 |
| vulnerability |
VCID-zjct-yufk-jkdg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.7.4 |
|
| 6 |
| url |
pkg:pypi/ansible@2.8.1 |
| purl |
pkg:pypi/ansible@2.8.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-257n-yc2z-hfe8 |
|
| 1 |
| vulnerability |
VCID-39vn-b7y4-v3ez |
|
| 2 |
| vulnerability |
VCID-3jxq-kxnz-6bfh |
|
| 3 |
| vulnerability |
VCID-4331-d5yy-uybc |
|
| 4 |
| vulnerability |
VCID-46yu-yqv4-1ugb |
|
| 5 |
| vulnerability |
VCID-49gh-wgmc-mfew |
|
| 6 |
| vulnerability |
VCID-4tfv-snmv-bbax |
|
| 7 |
| vulnerability |
VCID-52zf-mjec-f3d5 |
|
| 8 |
| vulnerability |
VCID-5mcc-gtrr-j3e4 |
|
| 9 |
| vulnerability |
VCID-5r2p-dxtk-pkas |
|
| 10 |
| vulnerability |
VCID-6hdk-ywcn-4qe4 |
|
| 11 |
| vulnerability |
VCID-6smx-ju23-8qes |
|
| 12 |
| vulnerability |
VCID-6swz-79ue-bbef |
|
| 13 |
| vulnerability |
VCID-7d8z-g99x-7qh2 |
|
| 14 |
| vulnerability |
VCID-95kg-bk3s-g7gx |
|
| 15 |
| vulnerability |
VCID-98zq-xddz-dyc8 |
|
| 16 |
| vulnerability |
VCID-aq21-sp74-17gk |
|
| 17 |
| vulnerability |
VCID-axds-bd49-fbdj |
|
| 18 |
| vulnerability |
VCID-b423-t4kx-eqbq |
|
| 19 |
| vulnerability |
VCID-b8cv-v25q-1kh3 |
|
| 20 |
| vulnerability |
VCID-brft-snn6-guc8 |
|
| 21 |
| vulnerability |
VCID-bvsa-kz7r-zyea |
|
| 22 |
| vulnerability |
VCID-d8by-xxm3-xkhb |
|
| 23 |
| vulnerability |
VCID-enwa-2cfn-5uab |
|
| 24 |
| vulnerability |
VCID-gnq4-v5a7-m3ew |
|
| 25 |
| vulnerability |
VCID-hyr1-b223-bkef |
|
| 26 |
| vulnerability |
VCID-j4px-r23h-9kb7 |
|
| 27 |
| vulnerability |
VCID-kgjy-7kdy-c3cg |
|
| 28 |
| vulnerability |
VCID-m87b-eb5y-8ydf |
|
| 29 |
| vulnerability |
VCID-mk3k-n9wn-q3ct |
|
| 30 |
| vulnerability |
VCID-n2b8-e8fa-2ue1 |
|
| 31 |
| vulnerability |
VCID-nx86-xnct-afbs |
|
| 32 |
| vulnerability |
VCID-p6cz-c9ah-c7cp |
|
| 33 |
| vulnerability |
VCID-qtt6-8kf8-1fbt |
|
| 34 |
| vulnerability |
VCID-rarq-tdjt-hff3 |
|
| 35 |
| vulnerability |
VCID-rnub-zmb6-5yhw |
|
| 36 |
| vulnerability |
VCID-sdv2-h8d8-9ydj |
|
| 37 |
| vulnerability |
VCID-tfhg-gzz2-7qc5 |
|
| 38 |
| vulnerability |
VCID-uvca-5e2n-pqew |
|
| 39 |
| vulnerability |
VCID-vctt-ev3n-zkf8 |
|
| 40 |
| vulnerability |
VCID-xk7s-y611-mffc |
|
| 41 |
| vulnerability |
VCID-xn7b-vz2e-6qdh |
|
| 42 |
| vulnerability |
VCID-xpfd-zdry-euh5 |
|
| 43 |
| vulnerability |
VCID-zjct-yufk-jkdg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.1 |
|
|
| aliases |
CVE-2018-16859, GHSA-v735-2pp6-h86r, PYSEC-2018-60
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-zcmk-4k97-kkd9 |
|