Search CVE reports


Toggle filters

31 – 40 of 79 results


CVE-2020-1746

Medium priority
Needs evaluation

A flaw was found in the Ansible Engine affecting Ansible Engine versions 2.7.x before 2.7.17 and 2.8.x before 2.8.11 and 2.9.x before 2.9.7 as well as Ansible Tower before and including versions 3.4.5 and 3.5.5 and 3.6.3 when the...

1 affected package

ansible

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ansible Not affected Not affected Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2020-10685

Medium priority
Needs evaluation

A flaw was found in Ansible Engine affecting Ansible Engine versions 2.7.x before 2.7.17 and 2.8.x before 2.8.11 and 2.9.x before 2.9.7 as well as Ansible Tower before and including versions 3.4.5 and 3.5.5 and 3.6.3 when using...

1 affected package

ansible

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ansible Not affected Not affected Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2020-10691

Medium priority
Needs evaluation

An archive traversal flaw was found in all ansible-engine versions 2.9.x prior to 2.9.7, when running ansible-galaxy collection install. When extracting a collection .tar.gz file, the directory is created without sanitizing the...

1 affected package

ansible

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ansible Not affected Not affected Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2019-14905

Medium priority
Needs evaluation

A vulnerability was found in Ansible Engine versions 2.9.x before 2.9.3, 2.8.x before 2.8.8, 2.7.x before 2.7.16 and earlier, where in Ansible's nxos_file_copy module can be used to copy files to a flash or bootflash on NXOS...

1 affected package

ansible

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ansible Not affected Not affected Not affected Needs evaluation Needs evaluation
Show less packages

CVE-2020-10684

Medium priority
Needs evaluation

A flaw was found in Ansible Engine, all versions 2.7.x, 2.8.x and 2.9.x prior to 2.7.17, 2.8.9 and 2.9.6 respectively, when using ansible_facts as a subkey of itself and promoting it to a variable when inject is...

1 affected package

ansible

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ansible Not affected Not affected Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2020-1740

Medium priority
Vulnerable

A flaw was found in Ansible Engine when using Ansible Vault for editing encrypted files. When a user executes "ansible-vault edit", another user on the same computer can read the old and new secret, as it is created in a temporary...

1 affected package

ansible

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ansible Not affected Not affected Vulnerable Vulnerable Vulnerable
Show less packages

CVE-2020-1738

Medium priority
Needs evaluation

A flaw was found in Ansible Engine when the module package or service is used and the parameter 'use' is not specified. If a previous task is executed with a malicious user, the module sent can be selected by the attacker using...

1 affected package

ansible

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ansible Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2020-1736

Medium priority
Needs evaluation

A flaw was found in Ansible Engine when a file is moved using atomic_move primitive as the file mode cannot be specified. This sets the destination files world-readable if the destination file does not exist and if the...

1 affected package

ansible

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ansible Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2020-1735

Medium priority
Needs evaluation

A flaw was found in the Ansible Engine when the fetch module is used. An attacker could intercept the module, inject a new path, and then choose a new destination path on the controller node. All versions in 2.7.x, 2.8.x and 2.9.x...

1 affected package

ansible

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ansible Not affected Not affected Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2020-1753

Medium priority
Needs evaluation

A security flaw was found in Ansible Engine, all Ansible 2.7.x versions prior to 2.7.17, all Ansible 2.8.x versions prior to 2.8.11 and all Ansible 2.9.x versions prior to 2.9.7, when managing kubernetes using the k8s module....

1 affected package

ansible

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ansible Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages