Search for vulnerabilities
Vulnerability details: VCID-r3mc-rr9j-ybgh
Vulnerability ID VCID-r3mc-rr9j-ybgh
Aliases CVE-2020-1733
GHSA-g4mq-6fp5-qwcf
PYSEC-2020-5
Summary A race condition flaw was found in Ansible Engine 2.7.17 and prior, 2.8.9 and prior, 2.9.6 and prior when running a playbook with an unprivileged become user. When Ansible needs to run a module with become user, the temporary directory is created in /var/tmp. This directory is created with "umask 77 && mkdir -p <dir>"; this operation does not fail if the directory already exists and is owned by another user. An attacker could take advantage to gain control of the become user as the target directory can be retrieved by iterating '/proc/<pid>/cmdline'.
Status Published
Exploitability 0.5
Weighted Severity 4.5
Risk 2.2
Affected and Fixed Packages Package Details
Weaknesses (5)
CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CWE-377 Insecure Temporary File
CWE-668 Exposure of Resource to Wrong Sphere
CWE-937 OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
CWE-1035 OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
System Score Found at
cvssv3 5.0 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1733.json
epss 0.00036 https://api.first.org/data/v1/epss?cve=CVE-2020-1733
epss 0.00036 https://api.first.org/data/v1/epss?cve=CVE-2020-1733
epss 0.00036 https://api.first.org/data/v1/epss?cve=CVE-2020-1733
epss 0.00036 https://api.first.org/data/v1/epss?cve=CVE-2020-1733
epss 0.00036 https://api.first.org/data/v1/epss?cve=CVE-2020-1733
epss 0.00036 https://api.first.org/data/v1/epss?cve=CVE-2020-1733
epss 0.00036 https://api.first.org/data/v1/epss?cve=CVE-2020-1733
epss 0.00036 https://api.first.org/data/v1/epss?cve=CVE-2020-1733
epss 0.00036 https://api.first.org/data/v1/epss?cve=CVE-2020-1733
epss 0.00036 https://api.first.org/data/v1/epss?cve=CVE-2020-1733
epss 0.00036 https://api.first.org/data/v1/epss?cve=CVE-2020-1733
epss 0.00036 https://api.first.org/data/v1/epss?cve=CVE-2020-1733
epss 0.00036 https://api.first.org/data/v1/epss?cve=CVE-2020-1733
epss 0.00036 https://api.first.org/data/v1/epss?cve=CVE-2020-1733
epss 0.00036 https://api.first.org/data/v1/epss?cve=CVE-2020-1733
epss 0.00036 https://api.first.org/data/v1/epss?cve=CVE-2020-1733
epss 0.00036 https://api.first.org/data/v1/epss?cve=CVE-2020-1733
epss 0.00036 https://api.first.org/data/v1/epss?cve=CVE-2020-1733
epss 0.00036 https://api.first.org/data/v1/epss?cve=CVE-2020-1733
epss 0.00036 https://api.first.org/data/v1/epss?cve=CVE-2020-1733
epss 0.00036 https://api.first.org/data/v1/epss?cve=CVE-2020-1733
epss 0.00036 https://api.first.org/data/v1/epss?cve=CVE-2020-1733
epss 0.00036 https://api.first.org/data/v1/epss?cve=CVE-2020-1733
epss 0.00036 https://api.first.org/data/v1/epss?cve=CVE-2020-1733
epss 0.00036 https://api.first.org/data/v1/epss?cve=CVE-2020-1733
epss 0.00036 https://api.first.org/data/v1/epss?cve=CVE-2020-1733
epss 0.00036 https://api.first.org/data/v1/epss?cve=CVE-2020-1733
epss 0.00036 https://api.first.org/data/v1/epss?cve=CVE-2020-1733
cvssv3.1 5.0 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1733
generic_textual LOW https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1733
cvssv3.1 5 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3.1 5.0 https://github.com/advisories/GHSA-g4mq-6fp5-qwcf
cvssv3.1_qr LOW https://github.com/advisories/GHSA-g4mq-6fp5-qwcf
generic_textual LOW https://github.com/advisories/GHSA-g4mq-6fp5-qwcf
cvssv3.1 5.0 https://github.com/ansible/ansible
generic_textual LOW https://github.com/ansible/ansible
cvssv3.1 5.0 https://github.com/ansible/ansible/commit/80b9a0a25c5f75e84aefc8f2b293fb1933b154f2
generic_textual LOW https://github.com/ansible/ansible/commit/80b9a0a25c5f75e84aefc8f2b293fb1933b154f2
cvssv3.1 5.0 https://github.com/ansible/ansible/commit/8251d9f4c2bc82632ab992277fcd30ccbf87aa47
generic_textual LOW https://github.com/ansible/ansible/commit/8251d9f4c2bc82632ab992277fcd30ccbf87aa47
cvssv3.1 5.0 https://github.com/ansible/ansible/commit/ecf99d5e1ff732a7777010facd6c98bb0994605e
generic_textual LOW https://github.com/ansible/ansible/commit/ecf99d5e1ff732a7777010facd6c98bb0994605e
cvssv3.1 5.0 https://github.com/ansible/ansible/issues/67791
generic_textual LOW https://github.com/ansible/ansible/issues/67791
cvssv3.1 5.0 https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2020-5.yaml
generic_textual LOW https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2020-5.yaml
cvssv3.1 5.0 https://lists.debian.org/debian-lts-announce/2020/05/msg00005.html
generic_textual LOW https://lists.debian.org/debian-lts-announce/2020/05/msg00005.html
cvssv3.1 5.0 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DKPA4KC3OJSUFASUYMG66HKJE7ADNGFW
generic_textual LOW https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DKPA4KC3OJSUFASUYMG66HKJE7ADNGFW
cvssv3.1 5.0 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRRYUU5ZBLPBXCYG6CFP35D64NP2UB2S
generic_textual LOW https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRRYUU5ZBLPBXCYG6CFP35D64NP2UB2S
cvssv3.1 5.0 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WQVOQD4VAIXXTVQAJKTN7NUGTJFE2PCB
generic_textual LOW https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WQVOQD4VAIXXTVQAJKTN7NUGTJFE2PCB
cvssv2 3.7 https://nvd.nist.gov/vuln/detail/CVE-2020-1733
cvssv3.1 5.0 https://nvd.nist.gov/vuln/detail/CVE-2020-1733
generic_textual LOW https://nvd.nist.gov/vuln/detail/CVE-2020-1733
cvssv3.1 5.0 https://security.gentoo.org/glsa/202006-11
generic_textual LOW https://security.gentoo.org/glsa/202006-11
cvssv3.1 5.0 https://www.debian.org/security/2021/dsa-4950
generic_textual LOW https://www.debian.org/security/2021/dsa-4950
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1733.json
https://api.first.org/data/v1/epss?cve=CVE-2020-1733
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1733
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10156
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10206
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14846
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14864
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14904
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10684
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10685
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10729
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14330
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14332
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14365
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1733
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1735
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1739
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1740
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1746
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1753
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20228
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
https://github.com/advisories/GHSA-g4mq-6fp5-qwcf
https://github.com/ansible/ansible
https://github.com/ansible/ansible/commit/80b9a0a25c5f75e84aefc8f2b293fb1933b154f2
https://github.com/ansible/ansible/commit/8251d9f4c2bc82632ab992277fcd30ccbf87aa47
https://github.com/ansible/ansible/commit/ecf99d5e1ff732a7777010facd6c98bb0994605e
https://github.com/ansible/ansible/issues/67791
https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2020-5.yaml
https://lists.debian.org/debian-lts-announce/2020/05/msg00005.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DKPA4KC3OJSUFASUYMG66HKJE7ADNGFW/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRRYUU5ZBLPBXCYG6CFP35D64NP2UB2S/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WQVOQD4VAIXXTVQAJKTN7NUGTJFE2PCB/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DKPA4KC3OJSUFASUYMG66HKJE7ADNGFW
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DKPA4KC3OJSUFASUYMG66HKJE7ADNGFW/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRRYUU5ZBLPBXCYG6CFP35D64NP2UB2S
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRRYUU5ZBLPBXCYG6CFP35D64NP2UB2S/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WQVOQD4VAIXXTVQAJKTN7NUGTJFE2PCB
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WQVOQD4VAIXXTVQAJKTN7NUGTJFE2PCB/
https://nvd.nist.gov/vuln/detail/CVE-2020-1733
https://security.gentoo.org/glsa/202006-11
https://www.debian.org/security/2021/dsa-4950
1801735 https://bugzilla.redhat.com/show_bug.cgi?id=1801735
cpe:2.3:a:redhat:ansible:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible:*:*:*:*:*:*:*:*
cpe:2.3:a:redhat:ansible_tower:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_tower:*:*:*:*:*:*:*:*
cpe:2.3:a:redhat:cloudforms_management_engine:5.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:cloudforms_management_engine:5.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
RHSA-2020:1541 https://access.redhat.com/errata/RHSA-2020:1541
RHSA-2020:1542 https://access.redhat.com/errata/RHSA-2020:1542
RHSA-2020:1543 https://access.redhat.com/errata/RHSA-2020:1543
RHSA-2020:1544 https://access.redhat.com/errata/RHSA-2020:1544
USN-USN-5315-1 https://usn.ubuntu.com/USN-5315-1/
No exploits are available.
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1733.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L Found at https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1733
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L Found at https://github.com/advisories/GHSA-g4mq-6fp5-qwcf
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L Found at https://github.com/ansible/ansible
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L Found at https://github.com/ansible/ansible/commit/80b9a0a25c5f75e84aefc8f2b293fb1933b154f2
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L Found at https://github.com/ansible/ansible/commit/8251d9f4c2bc82632ab992277fcd30ccbf87aa47
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L Found at https://github.com/ansible/ansible/commit/ecf99d5e1ff732a7777010facd6c98bb0994605e
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L Found at https://github.com/ansible/ansible/issues/67791
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L Found at https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2020-5.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L Found at https://lists.debian.org/debian-lts-announce/2020/05/msg00005.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DKPA4KC3OJSUFASUYMG66HKJE7ADNGFW
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRRYUU5ZBLPBXCYG6CFP35D64NP2UB2S
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WQVOQD4VAIXXTVQAJKTN7NUGTJFE2PCB
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: AV:L/AC:H/Au:N/C:P/I:P/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2020-1733
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L Found at https://nvd.nist.gov/vuln/detail/CVE-2020-1733
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L Found at https://security.gentoo.org/glsa/202006-11
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L Found at https://www.debian.org/security/2021/dsa-4950
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.0893
EPSS Score 0.00036
Published At July 30, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2025-07-31T08:08:20.905171+00:00 Pypa Importer Import https://github.com/pypa/advisory-database/blob/main/vulns/ansible/PYSEC-2020-5.yaml 37.0.0