Search for vulnerabilities
Vulnerability details: VCID-aru1-9t88-b7cg
Vulnerability ID VCID-aru1-9t88-b7cg
Aliases CVE-2018-16876
GHSA-j569-fghw-f9rx
PYSEC-2019-141
Summary ansible before versions 2.5.14, 2.6.11, 2.7.5 is vulnerable to a information disclosure flaw in vvv+ mode with no_log on that can lead to leakage of sensible data.
Status Published
Exploitability 0.5
Weighted Severity 8.0
Risk 4.0
Affected and Fixed Packages Package Details
Weaknesses (3)
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
CWE-937 OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
CWE-1035 OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
System Score Found at
cvssv3.1 5.3 http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00021.html
generic_textual HIGH http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00021.html
cvssv3.1 5.3 http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00077.html
generic_textual HIGH http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00077.html
cvssv3.1 5.3 http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00020.html
generic_textual HIGH http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00020.html
cvssv3.1 5.3 https://access.redhat.com/errata/RHSA-2018:3835
generic_textual HIGH https://access.redhat.com/errata/RHSA-2018:3835
cvssv3.1 5.3 https://access.redhat.com/errata/RHSA-2018:3836
generic_textual HIGH https://access.redhat.com/errata/RHSA-2018:3836
cvssv3.1 5.3 https://access.redhat.com/errata/RHSA-2018:3837
generic_textual HIGH https://access.redhat.com/errata/RHSA-2018:3837
cvssv3.1 5.3 https://access.redhat.com/errata/RHSA-2018:3838
generic_textual HIGH https://access.redhat.com/errata/RHSA-2018:3838
cvssv3.1 5.3 https://access.redhat.com/errata/RHSA-2019:0564
generic_textual HIGH https://access.redhat.com/errata/RHSA-2019:0564
cvssv3.1 5.3 https://access.redhat.com/errata/RHSA-2019:0590
generic_textual HIGH https://access.redhat.com/errata/RHSA-2019:0590
cvssv3 5.3 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16876.json
epss 0.01032 https://api.first.org/data/v1/epss?cve=CVE-2018-16876
epss 0.01032 https://api.first.org/data/v1/epss?cve=CVE-2018-16876
epss 0.01032 https://api.first.org/data/v1/epss?cve=CVE-2018-16876
epss 0.01032 https://api.first.org/data/v1/epss?cve=CVE-2018-16876
epss 0.01032 https://api.first.org/data/v1/epss?cve=CVE-2018-16876
epss 0.01032 https://api.first.org/data/v1/epss?cve=CVE-2018-16876
epss 0.01032 https://api.first.org/data/v1/epss?cve=CVE-2018-16876
epss 0.01032 https://api.first.org/data/v1/epss?cve=CVE-2018-16876
epss 0.01032 https://api.first.org/data/v1/epss?cve=CVE-2018-16876
epss 0.01032 https://api.first.org/data/v1/epss?cve=CVE-2018-16876
epss 0.01032 https://api.first.org/data/v1/epss?cve=CVE-2018-16876
epss 0.01032 https://api.first.org/data/v1/epss?cve=CVE-2018-16876
epss 0.01032 https://api.first.org/data/v1/epss?cve=CVE-2018-16876
epss 0.01032 https://api.first.org/data/v1/epss?cve=CVE-2018-16876
epss 0.01032 https://api.first.org/data/v1/epss?cve=CVE-2018-16876
epss 0.01032 https://api.first.org/data/v1/epss?cve=CVE-2018-16876
epss 0.01032 https://api.first.org/data/v1/epss?cve=CVE-2018-16876
epss 0.01032 https://api.first.org/data/v1/epss?cve=CVE-2018-16876
epss 0.01032 https://api.first.org/data/v1/epss?cve=CVE-2018-16876
epss 0.01032 https://api.first.org/data/v1/epss?cve=CVE-2018-16876
epss 0.01032 https://api.first.org/data/v1/epss?cve=CVE-2018-16876
epss 0.01032 https://api.first.org/data/v1/epss?cve=CVE-2018-16876
epss 0.01032 https://api.first.org/data/v1/epss?cve=CVE-2018-16876
epss 0.01032 https://api.first.org/data/v1/epss?cve=CVE-2018-16876
epss 0.01032 https://api.first.org/data/v1/epss?cve=CVE-2018-16876
cvssv3.1 5.3 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16876
generic_textual HIGH https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16876
cvssv3 3.1 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3.1_qr HIGH https://github.com/advisories/GHSA-j569-fghw-f9rx
cvssv3.1 5.3 https://github.com/ansible/ansible
generic_textual HIGH https://github.com/ansible/ansible
cvssv3.1 5.3 https://github.com/ansible/ansible/commit/0954942dfdc563f80fd3e388f550aa165ec931da
generic_textual HIGH https://github.com/ansible/ansible/commit/0954942dfdc563f80fd3e388f550aa165ec931da
cvssv3.1 5.3 https://github.com/ansible/ansible/commit/424c68f15ad9f532d73e5afed33ff477f54281a7
generic_textual HIGH https://github.com/ansible/ansible/commit/424c68f15ad9f532d73e5afed33ff477f54281a7
cvssv3.1 5.3 https://github.com/ansible/ansible/commit/e0a81d133ffc8f7067182c53cf6a28c724dd1099
generic_textual HIGH https://github.com/ansible/ansible/commit/e0a81d133ffc8f7067182c53cf6a28c724dd1099
cvssv3.1 5.3 https://github.com/ansible/ansible/issues/51318
generic_textual HIGH https://github.com/ansible/ansible/issues/51318
cvssv3.1 5.3 https://github.com/ansible/ansible/pull/49569
generic_textual HIGH https://github.com/ansible/ansible/pull/49569
cvssv3.1 5.3 https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2019-141.yaml
generic_textual HIGH https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2019-141.yaml
cvssv2 3.5 https://nvd.nist.gov/vuln/detail/CVE-2018-16876
cvssv3.1 5.3 https://nvd.nist.gov/vuln/detail/CVE-2018-16876
generic_textual HIGH https://nvd.nist.gov/vuln/detail/CVE-2018-16876
cvssv3.1 5.3 https://usn.ubuntu.com/4072-1
generic_textual HIGH https://usn.ubuntu.com/4072-1
cvssv3.1 5.3 https://web.archive.org/web/20200227100904/http://www.securityfocus.com/bid/106225
generic_textual HIGH https://web.archive.org/web/20200227100904/http://www.securityfocus.com/bid/106225
cvssv3.1 5.3 https://www.debian.org/security/2019/dsa-4396
generic_textual HIGH https://www.debian.org/security/2019/dsa-4396
Reference id Reference type URL
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00021.html
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00077.html
http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00020.html
https://access.redhat.com/errata/RHSA-2018:3835
https://access.redhat.com/errata/RHSA-2018:3836
https://access.redhat.com/errata/RHSA-2018:3837
https://access.redhat.com/errata/RHSA-2018:3838
https://access.redhat.com/errata/RHSA-2019:0564
https://access.redhat.com/errata/RHSA-2019:0590
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16876.json
https://api.first.org/data/v1/epss?cve=CVE-2018-16876
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16876
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10855
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10875
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16837
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16876
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3828
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
https://github.com/ansible/ansible
https://github.com/ansible/ansible/commit/0954942dfdc563f80fd3e388f550aa165ec931da
https://github.com/ansible/ansible/commit/424c68f15ad9f532d73e5afed33ff477f54281a7
https://github.com/ansible/ansible/commit/e0a81d133ffc8f7067182c53cf6a28c724dd1099
https://github.com/ansible/ansible/issues/51318
https://github.com/ansible/ansible/pull/49569
https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2019-141.yaml
https://nvd.nist.gov/vuln/detail/CVE-2018-16876
https://usn.ubuntu.com/4072-1
https://usn.ubuntu.com/4072-1/
https://web.archive.org/web/20200227100904/http://www.securityfocus.com/bid/106225
https://www.debian.org/security/2019/dsa-4396
http://www.securityfocus.com/bid/106225
1657330 https://bugzilla.redhat.com/show_bug.cgi?id=1657330
916102 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916102
cpe:2.3:a:redhat:ansible:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible:*:*:*:*:*:*:*:*
cpe:2.3:a:redhat:ansible_engine:2.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_engine:2.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:ansible_engine:2.5:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_engine:2.5:*:*:*:*:*:*:*
cpe:2.3:a:redhat:ansible_engine:2.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_engine:2.6:*:*:*:*:*:*:*
cpe:2.3:a:redhat:ansible_engine:2.7:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_engine:2.7:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openstack:14:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:14:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
GHSA-j569-fghw-f9rx https://github.com/advisories/GHSA-j569-fghw-f9rx
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N Found at http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00021.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N Found at http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00077.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N Found at http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00020.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N Found at https://access.redhat.com/errata/RHSA-2018:3835
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N Found at https://access.redhat.com/errata/RHSA-2018:3836
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N Found at https://access.redhat.com/errata/RHSA-2018:3837
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N Found at https://access.redhat.com/errata/RHSA-2018:3838
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N Found at https://access.redhat.com/errata/RHSA-2019:0564
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N Found at https://access.redhat.com/errata/RHSA-2019:0590
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16876.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N Found at https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16876
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N Found at https://github.com/ansible/ansible
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N Found at https://github.com/ansible/ansible/commit/0954942dfdc563f80fd3e388f550aa165ec931da
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N Found at https://github.com/ansible/ansible/commit/424c68f15ad9f532d73e5afed33ff477f54281a7
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N Found at https://github.com/ansible/ansible/commit/e0a81d133ffc8f7067182c53cf6a28c724dd1099
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N Found at https://github.com/ansible/ansible/issues/51318
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N Found at https://github.com/ansible/ansible/pull/49569
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N Found at https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2019-141.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: AV:N/AC:M/Au:S/C:P/I:N/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2018-16876
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2018-16876
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N Found at https://usn.ubuntu.com/4072-1
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N Found at https://web.archive.org/web/20200227100904/http://www.securityfocus.com/bid/106225
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N Found at https://www.debian.org/security/2019/dsa-4396
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.76438
EPSS Score 0.01032
Published At July 30, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2025-07-31T08:07:22.072259+00:00 Pypa Importer Import https://github.com/pypa/advisory-database/blob/main/vulns/ansible/PYSEC-2019-141.yaml 37.0.0