The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Ansible Core

Ansible Core: directory traversal via Home Directories
An attacker can traverse directories via Home Directories of Ansible Core, in order to create a file outside the service root path...
CVE-2019-3828, DSA-4396-1, FEDORA-2019-7d1a63acc8, openSUSE-SU-2019:1125-1, openSUSE-SU-2019:1635-1, openSUSE-SU-2019:1858-1, USN-4072-1, VIGILANCE-VUL-28555
Ansible Core: information disclosure via Logged Ssh Retry
An attacker can bypass access restrictions to data via Logged Ssh Retry of Ansible Core, in order to obtain sensitive information...
CVE-2018-16876, DSA-4396-1, FEDORA-2018-af82e7c863, openSUSE-SU-2019:0238-1, openSUSE-SU-2019:1125-1, openSUSE-SU-2019:1635-1, openSUSE-SU-2019:1858-1, USN-4072-1, VIGILANCE-VUL-28025
Ansible Core: information disclosure via Windows Powershell Log
An attacker can bypass access restrictions to data via Windows Powershell Log of Ansible Core, in order to obtain sensitive information...
CVE-2018-16859, openSUSE-SU-2019:0238-1, openSUSE-SU-2019:1125-1, openSUSE-SU-2019:1635-1, openSUSE-SU-2019:1858-1, VIGILANCE-VUL-27915
Ansible Core: information disclosure via ssh-keygen Command Line
An attacker can bypass access restrictions to data via ssh-keygen Command Line of Ansible Core, in order to obtain sensitive information...
1640642, CVE-2018-16837, DLA-1576-1, DSA-4396-1, openSUSE-SU-2019:1125-1, openSUSE-SU-2019:1635-1, openSUSE-SU-2019:1858-1, USN-4072-1, VIGILANCE-VUL-27668
Ansible Core: multiple vulnerabilities
An attacker can use several vulnerabilities of Ansible Core...
VIGILANCE-VUL-27418
Ansible Core: privilege escalation via Current Directory Ansible.cfg
An attacker can bypass restrictions via Current Directory Ansible.cfg of Ansible Core, in order to escalate his privileges...
CVE-2018-10875, DLA-1923-1, DSA-4396-1, openSUSE-SU-2019:0238-1, openSUSE-SU-2019:1125-1, USN-4072-1, VIGILANCE-VUL-26638
Ansible Core: code execution via Inventory Variables
An attacker can use a vulnerability via Inventory Variables of Ansible, in order to run code...
1596528, CVE-2018-10874, USN-4072-1, VIGILANCE-VUL-26602
Ansible Core: information disclosure via Failed Tasks Log
An attacker can bypass access restrictions to data via Failed Tasks Log of Ansible Core, in order to obtain sensitive information...
CVE-2018-10855, DSA-4396-1, FEDORA-2018-1a6e6196b9, openSUSE-SU-2019:0238-1, RHSA-2018:1948-01, RHSA-2018:1949-01, USN-4072-1, VIGILANCE-VUL-26459
Ansible: information disclosure via Jenkins_plugin Password Params
An attacker can bypass access restrictions to data via Jenkins_plugin Password Params of Ansible, in order to obtain sensitive information...
CVE-2017-7550, FEDORA-2017-008017c9fe, FEDORA-2017-8bf1b0c692, openSUSE-SU-2017:2976-1, openSUSE-SU-2017:2978-1, RHSA-2017:2966-01, VIGILANCE-VUL-24190
Ansible Core: use of unvalidated data
An attacker can tamper with the environment variable ninja2 as used by Ansible Core, in order to bypass some input checks and maybe run arbitrary code...
CVE-2017-7481, FEDORA-2017-49c0ac5ce7, FEDORA-2017-6aff7475b7, FEDORA-2017-87a64155eb, openSUSE-SU-2017:2976-1, openSUSE-SU-2017:2978-1, openSUSE-SU-2019:0238-1, USN-4072-1, VIGILANCE-VUL-22698
Our database contains other pages. You can request a free trial to read them.

Display information about Ansible Core: