Search for packages
| purl | pkg:pypi/ansible@2.6 |
| Tags | Ghost |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-px3x-t4ay-aaaa
Aliases: CVE-2018-10875 GHSA-fc4h-467w-46rh PYSEC-2018-43 |
A flaw was found in ansible. ansible.cfg is read from the current working directory which can be altered to make it point to a plugin or a module path under the control of an attacker, thus allowing the attacker to execute arbitrary code. |
Affected by 36 other vulnerabilities. |
|
VCID-yxyq-9868-aaaj
Aliases: CVE-2018-10874 GHSA-3xvg-x47j-x75w PYSEC-2018-81 |
In ansible it was found that inventory variables are loaded from current working directory when running ad-hoc command which are under attacker's control, allowing to run arbitrary code as a result. |
Affected by 36 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2024-09-17T22:26:53.454194+00:00 | GitLab Importer | Affected by | VCID-px3x-t4ay-aaaa | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/ansible/CVE-2018-10875.yml | 34.0.1 |
| 2024-09-17T22:26:52.850886+00:00 | GitLab Importer | Affected by | VCID-yxyq-9868-aaaj | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/ansible/CVE-2018-10874.yml | 34.0.1 |
| 2024-09-17T22:12:08.739604+00:00 | GHSA Importer | Affected by | VCID-yxyq-9868-aaaj | https://github.com/advisories/GHSA-3xvg-x47j-x75w | 34.0.1 |
| 2024-01-03T17:52:50.417400+00:00 | GitLab Importer | Affected by | VCID-px3x-t4ay-aaaa | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/ansible/CVE-2018-10875.yml | 34.0.0rc1 |
| 2024-01-03T17:52:49.959297+00:00 | GitLab Importer | Affected by | VCID-yxyq-9868-aaaj | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/ansible/CVE-2018-10874.yml | 34.0.0rc1 |