FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-24 03:12:49 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
0899c0d3-80f2-11ea-bafd-815569f3852dansible - win_unzip path normalization

Borja Tarraso reports:

A flaw was found in Ansible 2.7.17 and prior, 2.8.9 and prior, and 2.9.6 and prior when using the Extract-Zip function from the win_unzip module as the extracted file(s) are not checked if they belong to the destination folder. An attacker could take advantage of this flaw by crafting an archive anywhere in the file system, using a path traversal. This issue is fixed in 2.10.


Discovery 2020-02-12
Entry 2020-04-17
ansible
< 2.8.9

ansible27
< 2.7.17

ansible26
< 2.7.17

ansible25
< 2.7.17

ansible24
< 2.7.17

ansible23
< 2.7.17

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1737
https://github.com/ansible/ansible/issues/67795
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FWDK3QUVBULS3Q3PQTGEKUQYPSNOU5M3/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QT27K5ZRGDPCH7GT3DRI3LO4IVDVQUB7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U3IMV3XEIUXL6S4KPLYYM4TVJQ2VNEP2/
CVE-2020-1737
15a04b9f-47cb-11e7-a853-001fbc0f280fansible -- Input validation flaw in jinja2 templating system

RedHat security team reports:

An input validation flaw was found in Ansible, where it fails to properly mark lookup-plugin results as unsafe. If an attacker could control the results of lookup() calls, they could inject Unicode strings to be parsed by the jinja2 templating system, result in code execution.


Discovery 2017-05-09
Entry 2017-06-02
ansible
< 2.3.1

https://access.redhat.com/security/cve/cve-2017-7481
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7481
253c6889-06f0-11e6-925f-6805ca0b3d42ansible -- use of predictable paths in lxc_container

Ansible developers report:

CVE-2016-3096: do not use predictable paths in lxc_container

  • do not use a predictable filename for the LXC attach script
  • don't use predictable filenames for LXC attach script logging
  • don't set a predictable archive_path

this should prevent symlink attacks which could result in

  • data corruption
  • data leakage
  • privilege escalation

Discovery 2016-04-02
Entry 2016-04-20
ansible
ge 2.0.0.0 lt 2.0.2.0

ansible1
< 1.9.6

CVE-2016-3096
https://github.com/ansible/ansible-modules-extras/pull/1941/commits/8c6fe646ee79f5e55361b885b7efed5bec72d4a4
https://bugzilla.redhat.com/show_bug.cgi?id=1322925
2c493ac8-205e-11e5-a4a5-002590263bf5ansible -- remote code execution vulnerability

Ansible, Inc. reports:

Incomplete Fix Remote Code Execution Vulnerability - Fixed in Ansible 1.6.4


Discovery 2014-06-25
Entry 2015-07-02
ansible
< 1.6.4

CVE-2014-4678
68335
http://www.ansible.com/security
https://raw.githubusercontent.com/ansible/ansible/devel/CHANGELOG.md
478d4102-2319-4026-b3b2-a57c48f159acansible -- information disclosure flaw

ansible developers report:

Ansible versions 2.2.3 and earlier are vulnerable to an information disclosure flaw due to the interaction of call back plugins and the no_log directive where the information may not be sanitized properly.


Discovery 2017-07-21
Entry 2017-09-25
ansible
le 2.2.3

https://github.com/ansible/ansible/issues/22505
CVE-2017-7473
67dbeeb6-80f4-11ea-bafd-815569f3852dansible - subversion password leak from PID

Borja Tarraso reports:

A flaw was found in Ansible 2.7.16 and prior, 2.8.8 and prior, and 2.9.5 and prior when a password is set with the argument "password" of svn module, it is used on svn command line, disclosing to other users within the same node. An attacker could take advantage by reading the cmdline file from that particular PID on the procfs.


Discovery 2020-02-12
Entry 2020-04-17
ansible
< 2.8.9

ansible27
< 2.7.17

ansible26
< 2.7.17

ansible25
< 2.7.17

ansible24
< 2.7.17

ansible23
< 2.7.17

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1739
https://github.com/ansible/ansible/issues/67797
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FWDK3QUVBULS3Q3PQTGEKUQYPSNOU5M3/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QT27K5ZRGDPCH7GT3DRI3LO4IVDVQUB7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U3IMV3XEIUXL6S4KPLYYM4TVJQ2VNEP2/
CVE-2020-1739
72fccfdf-2061-11e5-a4a5-002590263bf5ansible -- multiple vulnerabilities

Ansible, Inc. reports:

Ensure that hostnames match certificate names when using HTTPS - resolved in Ansible 1.9.2

Improper symlink handling in zone, jail, and chroot connection plugins could lead to escape from confined environment - resolved in Ansible 1.9.2


Discovery 2015-06-25
Entry 2015-07-02
Modified 2015-08-18
ansible
< 1.9.2

CVE-2015-3908
CVE-2015-6240
http://www.ansible.com/security
https://raw.githubusercontent.com/ansible/ansible/v1.9.2-1/CHANGELOG.md
9dae9d62-205f-11e5-a4a5-002590263bf5ansible -- code execution from compromised remote host data or untrusted local data

Ansible, Inc. reports:

Arbitrary execution from data from compromised remote hosts or untrusted local data - resolved in Ansible 1.6.7


Discovery 2014-07-21
Entry 2015-07-02
ansible
< 1.6.7

CVE-2014-4966
68794
http://www.ansible.com/security
https://raw.githubusercontent.com/ansible/ansible/devel/CHANGELOG.md
a478421e-2059-11e5-a4a5-002590263bf5ansible -- enable host key checking in paramiko connection type

Ansible changelog reports:

Host key checking is on by default. Disable it if you like by adding host_key_checking=False in the [default] section of /etc/ansible/ansible.cfg or ~/ansible.cfg or by exporting ANSIBLE_HOST_KEY_CHECKING=False.


Discovery 2012-08-13
Entry 2015-07-02
ansible
< 1.2.1

CVE-2013-2233
https://raw.githubusercontent.com/ansible/ansible/devel/CHANGELOG.md
http://www.ansible.com/security
https://github.com/ansible/ansible/issues/857
a6a9f9d5-205c-11e5-a4a5-002590263bf5ansible -- local symlink exploits

MITRE reports:

runner/connection_plugins/ssh.py in Ansible before 1.2.3, when using ControlPersist, allows local users to redirect a ssh session via a symlink attack on a socket file with a predictable name in /tmp/.

lib/ansible/playbook/__init__.py in Ansible 1.2.x before 1.2.3, when playbook does not run due to an error, allows local users to overwrite arbitrary files via a symlink attack on a retry file with a predictable name in /var/tmp/ansible/.


Discovery 2013-08-21
Entry 2015-07-02
ansible
< 1.2.3

CVE-2013-4259
CVE-2013-4260
http://www.ansible.com/security
https://groups.google.com/forum/#!topic/ansible-project/UVDYW0HGcNg
a93c3287-d8fd-11e6-be5c-001fbc0f280fAnsible -- Command execution on Ansible controller from host

Computest reports:

Computest found and exploited several issues that allow a compromised host to execute commands on the Ansible controller and thus gain access to other hosts controlled by that controller.


Discovery 2017-01-09
Entry 2017-01-12
ansible
gt 1.9.6_1 lt 2.2.0.0_2

CVE-2016-9587
https://www.computest.nl/advisories/CT-2017-0109_Ansible.txt
https://lwn.net/Articles/711357/
ae2e7871-80f6-11ea-bafd-815569f3852dansible - Vault password leak from temporary file

Borja Tarraso reports:

A flaw was found in Ansible Engine when using Ansible Vault for editing encrypted files. When a user executes "ansible-vault edit", another user on the same computer can read the old and new secret, as it is created in a temporary file with mkstemp and the returned file descriptor is closed and the method write_data is called to write the existing secret in the file. This method will delete the file before recreating it insecurely. All versions in 2.7.x, 2.8.x and 2.9.x branches are believed to be vulnerable.


Discovery 2020-02-12
Entry 2020-04-17
ansible
< 2.8.9

ansible27
< 2.7.17

ansible26
< 2.7.17

ansible25
< 2.7.17

ansible24
< 2.7.17

ansible23
< 2.7.17

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1740
https://github.com/ansible/ansible/issues/67798
CVE-2020-1740
e308c61a-2060-11e5-a4a5-002590263bf5ansible -- multiple vulnerabilities

Ansible, Inc. reports:

Arbitrary execution from data from compromised remote hosts or local data when using a legacy Ansible syntax - resolved in Ansible 1.7

ansible-galaxy command when used on local tarballs (and not galaxy.ansible.com) can install a malformed tarball if so provided - resolved in Ansible 1.7


Discovery 2014-08-06
Entry 2015-07-02
ansible
< 1.7

http://www.ansible.com/security
https://raw.githubusercontent.com/ansible/ansible/devel/CHANGELOG.md