| Max CVSS | 4.6 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2018-10874 | 4.6 |
In ansible it was found that inventory variables are loaded from current working directory when running ad-hoc command which are under attacker's control, allowing to run arbitrary code as a result.
|
13-02-2023 - 04:51 | 02-07-2018 - 13:29 | |
| CVE-2018-10875 | 4.6 |
A flaw was found in ansible. ansible.cfg is read from the current working directory which can be altered to make it point to a plugin or a module path under the control of an attacker, thus allowing the attacker to execute arbitrary code.
|
04-08-2021 - 17:14 | 13-07-2018 - 22:29 | |
| CVE-2018-10855 | 4.3 |
Ansible 2.5 prior to 2.5.5, and 2.4 prior to 2.4.5, do not honor the no_log task flag for failed tasks. When the no_log flag has been used to protect sensitive data passed to a task from being logged, and that task does not run successfully, Ansible
|
04-08-2021 - 17:14 | 03-07-2018 - 01:29 |