Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:pypi/ansible@2.5
Typepypi
Namespace
Nameansible
Version2.5
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version3.0.0
Latest_non_vulnerable_version12.0.0
Affected_by_vulnerabilities
0
url VCID-yre5-mmmj-q3bn
vulnerability_id VCID-yre5-mmmj-q3bn
summary Ansible "User" module leaks any data which is passed on as a parameter to ssh-keygen. This could lean in undesirable situations such as passphrases credentials passed as a parameter for the ssh-keygen executable. Showing those credentials in clear text form for every user which have access just to the process list.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00021.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00021.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00077.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00077.html
2
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00020.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00020.html
3
reference_url https://access.redhat.com/errata/RHSA-2018:3460
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:3460
4
reference_url https://access.redhat.com/errata/RHSA-2018:3461
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:3461
5
reference_url https://access.redhat.com/errata/RHSA-2018:3462
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:3462
6
reference_url https://access.redhat.com/errata/RHSA-2018:3463
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:3463
7
reference_url https://access.redhat.com/errata/RHSA-2018:3505
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:3505
8
reference_url https://access.redhat.com/security/cve/cve-2018-16837
reference_id
reference_type
scores
url https://access.redhat.com/security/cve/cve-2018-16837
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16837
reference_id
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16837
10
reference_url https://github.com/ansible/ansible/blob/stable-2.5/changelogs/CHANGELOG-v2.5.rst#v2511
reference_id
reference_type
scores
url https://github.com/ansible/ansible/blob/stable-2.5/changelogs/CHANGELOG-v2.5.rst#v2511
11
reference_url https://github.com/ansible/ansible/blob/stable-2.6/changelogs/CHANGELOG-v2.6.rst#v267
reference_id
reference_type
scores
url https://github.com/ansible/ansible/blob/stable-2.6/changelogs/CHANGELOG-v2.6.rst#v267
12
reference_url https://github.com/ansible/ansible/blob/stable-2.7/changelogs/CHANGELOG-v2.7.rst#v2-7-1
reference_id
reference_type
scores
url https://github.com/ansible/ansible/blob/stable-2.7/changelogs/CHANGELOG-v2.7.rst#v2-7-1
13
reference_url https://github.com/ansible/ansible/commit/a0aa53d1a1d6075a7ae98ace138712ee6cb45ae4
reference_id
reference_type
scores
url https://github.com/ansible/ansible/commit/a0aa53d1a1d6075a7ae98ace138712ee6cb45ae4
14
reference_url https://github.com/ansible/ansible/pull/47436
reference_id
reference_type
scores
url https://github.com/ansible/ansible/pull/47436
15
reference_url https://lists.debian.org/debian-lts-announce/2018/11/msg00012.html
reference_id
reference_type
scores
url https://lists.debian.org/debian-lts-announce/2018/11/msg00012.html
16
reference_url https://usn.ubuntu.com/4072-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/4072-1/
17
reference_url https://www.debian.org/security/2019/dsa-4396
reference_id
reference_type
scores
url https://www.debian.org/security/2019/dsa-4396
18
reference_url http://www.securityfocus.com/bid/105700
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/105700
19
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-16837
reference_id CVE-2018-16837
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2018-16837
fixed_packages
0
url pkg:pypi/ansible@2.5.11
purl pkg:pypi/ansible@2.5.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1sty-hqbq-63hy
1
vulnerability VCID-2z4k-r21v-rfgx
2
vulnerability VCID-5p9q-7q6e-vkg8
3
vulnerability VCID-7qnx-1gp2-v7bb
4
vulnerability VCID-833d-up6b-rfe1
5
vulnerability VCID-8u2v-jtqe-dqg3
6
vulnerability VCID-am9g-ba4h-sfhr
7
vulnerability VCID-cuq1-se5h-vygd
8
vulnerability VCID-cxts-25nq-4fcs
9
vulnerability VCID-dkds-s3ad-cufa
10
vulnerability VCID-gm99-68bj-c3cz
11
vulnerability VCID-gxw4-ydnj-fkfe
12
vulnerability VCID-hjc4-jcfm-7be5
13
vulnerability VCID-hpqa-ysnc-b7dw
14
vulnerability VCID-hq4d-92s2-vqg6
15
vulnerability VCID-k8a2-5yfh-j7gp
16
vulnerability VCID-mbj9-3bnb-wbda
17
vulnerability VCID-p4p5-29r5-8qh9
18
vulnerability VCID-pqj1-u787-g3aj
19
vulnerability VCID-subj-aje2-93bk
20
vulnerability VCID-v5kk-umvk-6fgg
21
vulnerability VCID-vhxq-1hqq-77bx
22
vulnerability VCID-vsv2-4d8c-m3g1
23
vulnerability VCID-x4mr-vrp9-ufg6
24
vulnerability VCID-ykkx-swgs-vybn
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.5.11
1
url pkg:pypi/ansible@2.6.7
purl pkg:pypi/ansible@2.6.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1sty-hqbq-63hy
1
vulnerability VCID-2z4k-r21v-rfgx
2
vulnerability VCID-5p9q-7q6e-vkg8
3
vulnerability VCID-7qnx-1gp2-v7bb
4
vulnerability VCID-833d-up6b-rfe1
5
vulnerability VCID-8u2v-jtqe-dqg3
6
vulnerability VCID-am9g-ba4h-sfhr
7
vulnerability VCID-cuq1-se5h-vygd
8
vulnerability VCID-cxts-25nq-4fcs
9
vulnerability VCID-dkds-s3ad-cufa
10
vulnerability VCID-frk2-9jfm-cybm
11
vulnerability VCID-gm99-68bj-c3cz
12
vulnerability VCID-gxw4-ydnj-fkfe
13
vulnerability VCID-hjc4-jcfm-7be5
14
vulnerability VCID-hpqa-ysnc-b7dw
15
vulnerability VCID-hq4d-92s2-vqg6
16
vulnerability VCID-k8a2-5yfh-j7gp
17
vulnerability VCID-mbj9-3bnb-wbda
18
vulnerability VCID-p4p5-29r5-8qh9
19
vulnerability VCID-pqj1-u787-g3aj
20
vulnerability VCID-subj-aje2-93bk
21
vulnerability VCID-v5kk-umvk-6fgg
22
vulnerability VCID-vhxq-1hqq-77bx
23
vulnerability VCID-vsv2-4d8c-m3g1
24
vulnerability VCID-vxkb-9p6a-5yan
25
vulnerability VCID-x4mr-vrp9-ufg6
26
vulnerability VCID-ykkx-swgs-vybn
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.6.7
2
url pkg:pypi/ansible@2.7.1
purl pkg:pypi/ansible@2.7.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1sty-hqbq-63hy
1
vulnerability VCID-2z4k-r21v-rfgx
2
vulnerability VCID-5p9q-7q6e-vkg8
3
vulnerability VCID-78m2-3fj5-tbh1
4
vulnerability VCID-7ben-361w-tkdr
5
vulnerability VCID-7qnx-1gp2-v7bb
6
vulnerability VCID-833d-up6b-rfe1
7
vulnerability VCID-8u2v-jtqe-dqg3
8
vulnerability VCID-am9g-ba4h-sfhr
9
vulnerability VCID-cuq1-se5h-vygd
10
vulnerability VCID-cxts-25nq-4fcs
11
vulnerability VCID-dkds-s3ad-cufa
12
vulnerability VCID-etb4-2qch-6kgw
13
vulnerability VCID-frk2-9jfm-cybm
14
vulnerability VCID-gm99-68bj-c3cz
15
vulnerability VCID-gxw4-ydnj-fkfe
16
vulnerability VCID-hjc4-jcfm-7be5
17
vulnerability VCID-hpqa-ysnc-b7dw
18
vulnerability VCID-hq4d-92s2-vqg6
19
vulnerability VCID-hs3w-mah1-ckb5
20
vulnerability VCID-k8a2-5yfh-j7gp
21
vulnerability VCID-mbj9-3bnb-wbda
22
vulnerability VCID-p4p5-29r5-8qh9
23
vulnerability VCID-pqj1-u787-g3aj
24
vulnerability VCID-qztj-r7zc-jue3
25
vulnerability VCID-subj-aje2-93bk
26
vulnerability VCID-v5kk-umvk-6fgg
27
vulnerability VCID-vhxq-1hqq-77bx
28
vulnerability VCID-vsv2-4d8c-m3g1
29
vulnerability VCID-vxkb-9p6a-5yan
30
vulnerability VCID-w2n8-uxbb-k7f9
31
vulnerability VCID-x4mr-vrp9-ufg6
32
vulnerability VCID-ykkx-swgs-vybn
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.7.1
aliases CVE-2018-16837, PYSEC-2018-44
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yre5-mmmj-q3bn
Fixing_vulnerabilities
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.5