Download
| Alert*
oval:org.secpod.oval:def:89046967
This update fixes the following issues: ansible: - Update to version 2.9.27 * CVE-2021-3620 ansible-connection module discloses sensitive info in traceback error message * CVE-2021-3583 Template Injection through yaml multi-line strings with ansible facts used in template. * ansible module nmcl ... oval:org.secpod.oval:def:1700566 A flaw was found in ansible. The "authkey" and "privkey" credentials are disclosed by default and not protected by no_log feature when using the snmp_facts module. Attackers could take advantage of this information to steal the SNMP credentials. The highest threat from this vulnerability is to data ... oval:org.secpod.oval:def:1701714 A flaw was found in ansible. The 'authkey' and 'privkey' credentials are disclosed by default and not protected by no_log feature when using the snmp_facts module. Attackers could take advantage of this information to steal the SNMP credentials. The highest threat from this vulnerability is to data ... oval:org.secpod.oval:def:119502 Ansible is a radically simple model-driven configuration management, multi-node deployment, and remote task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to m ... oval:org.secpod.oval:def:119499 Ansible is a radically simple model-driven configuration management, multi-node deployment, and remote task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to m ... |