Moderate severityNVD Advisory· Published Apr 5, 2018· Updated Sep 16, 2024
CVE-2018-1000149
CVE-2018-1000149
Description
Jenkins Ansible Plugin 0.8 and earlier disables SSH host key verification by default, enabling man-in-the-middle attacks.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Jenkins Ansible Plugin 0.8 and earlier disables SSH host key verification by default, enabling man-in-the-middle attacks.
Vulnerability
Jenkins Ansible Plugin versions 0.8 and older disable SSH host key verification by default. This affects classes such as AbstractAnsibleInvocation.java, AnsibleAdHocCommandBuilder.java, and AnsiblePlaybookStep.java, as described in the advisory [2]. The variable hostKeyChecking defaulted to false, which disabled host key checking, allowing unauthorized connections [1].
Exploitation
An attacker in a network position to intercept SSH traffic between Jenkins and Ansible-managed hosts can perform a man-in-the-middle attack. No authentication is required beyond network access. The attacker intercepts the SSH connection and impersonates the target host, as the plugin does not verify the host key by default [3].
Impact
Successful exploitation allows the attacker to execute arbitrary Ansible commands on managed hosts, potentially compromising both the Jenkins master and the managed nodes. This can lead to information disclosure, remote code execution, and full control over affected systems [2].
Mitigation
Upgrade to Jenkins Ansible Plugin version 1.0 or later, which changes the default to enable host key verification [1]. If upgrade is not possible, manually enable host key checking by setting ANSIBLE_HOST_KEY_CHECKING=True in the plugin configuration [2].
References
AI Insight generated on May 22, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.jenkins-ci.plugins:ansibleMaven | < 1.0 | 1.0 |
Affected products
1Patches
106d30e5b626a[SECURITY-630] hostKey is secure by default now. Old hostKeyChecking value is ignored and deprecated. Currently you will need to disabled the checking.
21 files changed · +231 −36
pom.xml+11 −1 modified@@ -8,7 +8,7 @@ <groupId>org.jenkins-ci.plugins</groupId> <artifactId>ansible</artifactId> - <version>0.9-SNAPSHOT</version> + <version>1.0-SNAPSHOT</version> <packaging>hpi</packaging> <name>Jenkins Ansible plugin</name> <description>Ansible support in Jenkins</description> @@ -131,6 +131,16 @@ </plugin> </plugins> </pluginManagement> + <plugins> + <plugin> + <groupId>org.jenkins-ci.tools</groupId> + <artifactId>maven-hpi-plugin</artifactId> + <extensions>true</extensions> + <configuration> + <compatibleSinceVersion>1.0</compatibleSinceVersion> + </configuration> + </plugin> + </plugins> </build> <properties>
src/main/java/org/jenkinsci/plugins/ansible/AbstractAnsibleInvocation.java+2 −2 modified@@ -275,8 +275,8 @@ public T setColorizedOutput(boolean colorizedOutput) { return (T) this; } - public T setHostKeyCheck(boolean hostKeyChecking) { - if (! hostKeyChecking) { + public T setDisableHostKeyCheck(boolean disableHostKeyChecking) { + if (disableHostKeyChecking) { environment.put("ANSIBLE_HOST_KEY_CHECKING", "False"); } return (T) this;
src/main/java/org/jenkinsci/plugins/ansible/AnsibleAdHocCommandBuilder.java+17 −4 modified@@ -22,6 +22,7 @@ import com.cloudbees.plugins.credentials.CredentialsProvider; import com.cloudbees.plugins.credentials.common.StandardCredentials; import com.cloudbees.plugins.credentials.common.StandardUsernameCredentials; +import edu.umd.cs.findbugs.annotations.SuppressFBWarnings; import hudson.AbortException; import hudson.EnvVars; import hudson.Extension; @@ -79,7 +80,12 @@ public class AnsibleAdHocCommandBuilder extends Builder implements SimpleBuildSt public boolean colorizedOutput = false; - public boolean hostKeyChecking = false; + public boolean disableHostKeyChecking = false; + + @Deprecated + @SuppressWarnings("unused") + @SuppressFBWarnings("URF_UNREAD_PUBLIC_OR_PROTECTED_FIELD") + public transient boolean hostKeyChecking = true; public String additionalParameters = null; @@ -102,7 +108,8 @@ public AnsibleAdHocCommandBuilder(String ansibleName, String hostPattern, Invent this.forks = forks; this.unbufferedOutput = unbufferedOutput; this.colorizedOutput = colorizedOutput; - this.hostKeyChecking = hostKeyChecking; + // ignored because of SECURITY-630 + //this.hostKeyChecking = hostKeyChecking; this.additionalParameters = additionalParameters; } @@ -164,8 +171,14 @@ public void setColorizedOutput(boolean colorizedOutput) { } @DataBoundSetter + public void setDisableHostKeyChecking(boolean disableHostKeyChecking) { + this.disableHostKeyChecking = disableHostKeyChecking; + } + + @DataBoundSetter + @Deprecated public void setHostKeyChecking(boolean hostKeyChecking) { - this.hostKeyChecking = hostKeyChecking; + this.hostKeyChecking = true; } @DataBoundSetter @@ -204,7 +217,7 @@ public void perform(@Nonnull Run<?, ?> run, @Nonnull FilePath ws, @Nonnull Launc null); invocation.setExtraVars(extraVars); invocation.setAdditionalParameters(additionalParameters); - invocation.setHostKeyCheck(hostKeyChecking); + invocation.setDisableHostKeyCheck(disableHostKeyChecking); invocation.setUnbufferedOutput(unbufferedOutput); invocation.setColorizedOutput(colorizedOutput); if (!invocation.execute(runner)) {
src/main/java/org/jenkinsci/plugins/ansible/AnsiblePlaybookBuilder.java+16 −4 modified@@ -22,6 +22,7 @@ import com.cloudbees.plugins.credentials.CredentialsProvider; import com.cloudbees.plugins.credentials.common.StandardCredentials; import com.cloudbees.plugins.credentials.common.StandardUsernameCredentials; +import edu.umd.cs.findbugs.annotations.SuppressFBWarnings; import hudson.AbortException; import hudson.EnvVars; import hudson.Extension; @@ -82,7 +83,12 @@ public class AnsiblePlaybookBuilder extends Builder implements SimpleBuildStep public boolean colorizedOutput = false; - public boolean hostKeyChecking = false; + public boolean disableHostKeyChecking = false; + + @Deprecated + @SuppressWarnings("unused") + @SuppressFBWarnings("URF_UNREAD_PUBLIC_OR_PROTECTED_FIELD") + public transient boolean hostKeyChecking = true; public String additionalParameters = null; @@ -109,7 +115,7 @@ public AnsiblePlaybookBuilder(String ansibleName, String playbook, Inventory inv this.forks = forks; this.unbufferedOutput = unbufferedOutput; this.colorizedOutput = colorizedOutput; - this.hostKeyChecking = hostKeyChecking; + //this.hostKeyChecking = hostKeyChecking; this.additionalParameters = additionalParameters; } @@ -194,8 +200,14 @@ public void setColorizedOutput(boolean colorizedOutput) { } @DataBoundSetter + public void setDisableHostKeyChecking(boolean disableHostKeyChecking) { + this.disableHostKeyChecking = disableHostKeyChecking; + } + + @DataBoundSetter + @Deprecated public void setHostKeyChecking(boolean hostKeyChecking) { - this.hostKeyChecking = hostKeyChecking; + this.hostKeyChecking = true; } @DataBoundSetter @@ -243,7 +255,7 @@ public void perform(@Nonnull Run<?, ?> run, @Nonnull Node node, @Nonnull FilePat CredentialsProvider.findCredentialById(vaultCredentialsId, StandardCredentials.class, run) : null); invocation.setExtraVars(extraVars); invocation.setAdditionalParameters(additionalParameters); - invocation.setHostKeyCheck(hostKeyChecking); + invocation.setDisableHostKeyCheck(disableHostKeyChecking); invocation.setUnbufferedOutput(unbufferedOutput); invocation.setColorizedOutput(colorizedOutput); if (!invocation.execute(runner)) {
src/main/java/org/jenkinsci/plugins/ansible/jobdsl/AnsibleJobDslExtension.java+2 −2 modified@@ -30,7 +30,7 @@ public Object ansibleAdHoc(String module, String command, Runnable closure) { adhoc.setVaultCredentialsId(context.getVaultCredentialsId()); adhoc.setColorizedOutput(context.isColorizedOutput()); adhoc.setForks(context.getForks()); - adhoc.setHostKeyChecking(context.isHostKeyChecking()); + adhoc.setDisableHostKeyChecking(context.isDisableHostKeyChecking()); adhoc.setBecome(context.isBecome()); adhoc.setBecomeUser(context.getBecomeUser()); adhoc.setSudo(context.isSudo()); @@ -54,7 +54,7 @@ public Object ansiblePlaybook(String playbook, Runnable closure) { plbook.setVaultCredentialsId(context.getVaultCredentialsId()); plbook.setColorizedOutput(context.isColorizedOutput()); plbook.setForks(context.getForks()); - plbook.setHostKeyChecking(context.isHostKeyChecking()); + plbook.setDisableHostKeyChecking(context.isDisableHostKeyChecking()); plbook.setBecome(context.isBecome()); plbook.setBecomeUser(context.getBecomeUser()); plbook.setSudo(context.isSudo());
src/main/java/org/jenkinsci/plugins/ansible/jobdsl/context/AnsibleContext.java+18 −5 modified@@ -2,6 +2,7 @@ import java.util.List; +import edu.umd.cs.findbugs.annotations.SuppressFBWarnings; import javaposse.jobdsl.dsl.Context; import javaposse.jobdsl.plugin.ContextExtensionPoint; import org.jenkinsci.plugins.ansible.ExtraVar; @@ -30,7 +31,11 @@ public class AnsibleContext implements Context { private int forks = 5; private boolean unbufferedOutput = true; private boolean colorizedOutput = false; - private boolean hostKeyChecking = false; + private boolean disableHostKeyChecking = false; + @Deprecated + @SuppressWarnings("unused") + @SuppressFBWarnings("URF_UNREAD_FIELD") + private transient boolean hostKeyChecking = true; private String additionalParameters; ExtraVarsContext extraVarsContext = new ExtraVarsContext(); @@ -117,8 +122,8 @@ public void colorizedOutput(boolean colorizedOutput) { this.colorizedOutput = colorizedOutput; } - public void hostKeyChecking(boolean hostKeyChecking) { - this.hostKeyChecking = hostKeyChecking; + public void disableHostKeyChecking(boolean disableHostKeyChecking) { + this.disableHostKeyChecking = disableHostKeyChecking; } public void additionalParameters(String additionalParameters) { @@ -213,8 +218,8 @@ public boolean isColorizedOutput() { return colorizedOutput; } - public boolean isHostKeyChecking() { - return hostKeyChecking; + public boolean isDisableHostKeyChecking() { + return disableHostKeyChecking; } public String getAdditionalParameters() { @@ -244,4 +249,12 @@ public String getStartAtTask() { public List<ExtraVar> getExtraVars() { return extraVarsContext.getExtraVars(); } + + @Deprecated + public void hostKeyChecking(boolean hostKeyChecking) { + } + @Deprecated + public boolean isHostKeyChecking() { + return true; + } }
src/main/java/org/jenkinsci/plugins/ansible/workflow/AnsiblePlaybookStep.java+19 −4 modified@@ -29,6 +29,7 @@ import com.cloudbees.plugins.credentials.common.StandardUsernameCredentials; import com.cloudbees.plugins.credentials.common.UsernamePasswordCredentials; import com.google.inject.Inject; +import edu.umd.cs.findbugs.annotations.SuppressFBWarnings; import hudson.*; import hudson.model.Computer; import hudson.model.Node; @@ -77,7 +78,11 @@ public class AnsiblePlaybookStep extends AbstractStepImpl { private String extras = null; private boolean colorized = false; private int forks = 0; - private boolean hostKeyChecking = false; + private boolean disableHostKeyChecking = false; + @Deprecated + @SuppressWarnings("unused") + @SuppressFBWarnings("URF_UNREAD_FIELD") + private transient boolean hostKeyChecking = true; @DataBoundConstructor public AnsiblePlaybookStep(String playbook) { @@ -175,8 +180,13 @@ public void setForks(int forks) { } @DataBoundSetter + public void setDisableHostKeyChecking(boolean disableHostKeyChecking) { + this.disableHostKeyChecking = disableHostKeyChecking; + } + + @DataBoundSetter + @Deprecated public void setHostKeyChecking(boolean hostKeyChecking) { - this.hostKeyChecking = hostKeyChecking; } public String getInstallation() { @@ -247,8 +257,13 @@ public String getExtras() { return extras; } + public boolean isDisableHostKeyChecking() { + return disableHostKeyChecking; + } + + @Deprecated public boolean isHostKeyChecking() { - return hostKeyChecking; + return true; } public int getForks() { @@ -375,7 +390,7 @@ protected Void run() throws Exception { builder.setSkippedTags(step.getSkippedTags()); builder.setExtraVars(convertExtraVars(step.extraVars)); builder.setAdditionalParameters(step.getExtras()); - builder.setHostKeyChecking(step.isHostKeyChecking()); + builder.setDisableHostKeyChecking(step.isDisableHostKeyChecking()); builder.setUnbufferedOutput(true); builder.setColorizedOutput(step.isColorized()); Node node;
src/main/resources/org/jenkinsci/plugins/ansible/AnsibleAdHocCommandBuilder/config.jelly+1 −1 modified@@ -53,7 +53,7 @@ <f:number default="5"/> </f:entry> - <f:entry title="${%Check host SSH key}" field="hostKeyChecking"> + <f:entry title="${%Disable the host SSH key check}" field="disableHostKeyChecking"> <f:checkbox default="false" /> </f:entry>
src/main/resources/org/jenkinsci/plugins/ansible/AnsibleAdHocCommandBuilder/help-disableHostKeyChecking.html+3 −0 added@@ -0,0 +1,3 @@ +<div> + Check this box if you <b>really</b> want to disable the validation of the hosts SSH server keys. +</div> \ No newline at end of file
src/main/resources/org/jenkinsci/plugins/ansible/AnsibleAdHocCommandBuilder/help-hostKeyChecking.html+0 −3 removed@@ -1,3 +0,0 @@ -<div> - Check this box to enforce the validation of the hosts SSH server keys. -</div> \ No newline at end of file
src/main/resources/org/jenkinsci/plugins/ansible/AnsiblePlaybookBuilder/config.jelly+1 −1 modified@@ -62,7 +62,7 @@ <f:number default="5"/> </f:entry> - <f:entry title="${%Check host SSH key}" field="hostKeyChecking"> + <f:entry title="${%Disable the host SSH key check}" field="disableHostKeyChecking"> <f:checkbox default="false" /> </f:entry>
src/main/resources/org/jenkinsci/plugins/ansible/AnsiblePlaybookBuilder/help-disableHostKeyChecking.html+3 −0 added@@ -0,0 +1,3 @@ +<div> + Check this box if you <b>really</b> want to disable the validation of the hosts SSH server keys. +</div> \ No newline at end of file
src/main/resources/org/jenkinsci/plugins/ansible/AnsiblePlaybookBuilder/help-hostKeyChecking.html+0 −3 removed@@ -1,3 +0,0 @@ -<div> - Check this box to enforce the validation of the hosts SSH server keys. -</div> \ No newline at end of file
src/main/resources/org/jenkinsci/plugins/ansible/workflow/AnsiblePlaybookStep/config.jelly+1 −1 modified@@ -42,7 +42,7 @@ <f:entry field="forks" title="Number of parallel processes to use"> <f:textbox/> </f:entry> - <f:entry title="${%Check host SSH key}" field="hostKeyChecking"> + <f:entry title="${%Disable the host SSH key check}" field="disableHostKeyChecking"> <f:checkbox default="false" /> </f:entry> <f:entry field="colorized" title="${%Colorized output}">
src/test/java/org/jenkinsci/plugins/ansible/AnsibleAdHocCommandInvocationTest.java+29 −1 modified@@ -88,7 +88,7 @@ public void should_generate_simple_invocation_with_env() throws Exception { invocation.setModule("ping"); invocation.setForks(5); invocation.setColorizedOutput(true); - invocation.setHostKeyCheck(false); + invocation.setDisableHostKeyCheck(true); invocation.setUnbufferedOutput(true); // When invocation.execute(runner); @@ -101,6 +101,34 @@ public void should_generate_simple_invocation_with_env() throws Exception { .containsEntry("ANSIBLE_HOST_KEY_CHECKING", "False"); } + @Test + public void secure_by_default_SEC_630() throws Exception { + // Given + Inventory inventory = new InventoryPath("/tmp/hosts"); + BuildListener listener = mock(BuildListener.class); + CLIRunner runner = mock(CLIRunner.class); + AbstractBuild<?,?> build = mock(AbstractBuild.class); + when(build.getEnvironment(any(TaskListener.class))).thenReturn(new EnvVars()); + AnsibleAdHocCommandInvocation invocation = new AnsibleAdHocCommandInvocation("/usr/local/bin/ansible", build, listener); + invocation.setHostPattern("localhost"); + invocation.setInventory(inventory); + invocation.setModule("ping"); + invocation.setForks(5); + invocation.setColorizedOutput(true); + //invocation.setDisableHostKeyCheck(true); + invocation.setUnbufferedOutput(true); + // When + invocation.execute(runner); + // Then + ArgumentCaptor<Map> argument = ArgumentCaptor.forClass(Map.class); + verify(runner).execute(any(ArgumentListBuilder.class), argument.capture()); + assertThat((Map<String, String>)argument.getValue()) + .containsEntry("PYTHONUNBUFFERED", "1") + .containsEntry("ANSIBLE_FORCE_COLOR", "true") + .doesNotContainEntry("ANSIBLE_HOST_KEY_CHECKING", "False"); + } + + @Test @Ignore("build.getWorkspace() cannot be mocked") public void should_handle_private_key_credentials() throws Exception {
src/test/java/org/jenkinsci/plugins/ansible/CompatibilityTest.java+24 −0 added@@ -0,0 +1,24 @@ +package org.jenkinsci.plugins.ansible; + +import hudson.model.AbstractProject; +import hudson.model.FreeStyleProject; +import org.junit.Rule; +import org.junit.Test; +import org.jvnet.hudson.test.JenkinsRule; +import org.jvnet.hudson.test.recipes.LocalData; + +import static org.junit.Assert.assertEquals; + +public class CompatibilityTest { + + @Rule + public JenkinsRule r = new JenkinsRule(); + + @LocalData + @Test + public void test() throws Exception { + FreeStyleProject p = (FreeStyleProject) r.jenkins.getItem("old"); + assertEquals(2, p.getBuilders().size()); + assertEquals(false, r.jenkins.getAdministrativeMonitor("OldData").isActivated()); + } +}
src/test/java/org/jenkinsci/plugins/ansible/jobdsl/JobDslIntegrationTest.java+12 −3 modified@@ -21,6 +21,7 @@ */ public class JobDslIntegrationTest { public static final String ANSIBLE_DSL_GROOVY_PLAYBOOK = "jobdsl/playbook.groovy"; + public static final String ANSIBLE_DSL_GROOVY_SECURITY_630 = "jobdsl/security630.groovy"; public static final String ANSIBLE_DSL_GROOVY_PLAYBOOK_LEGACY = "jobdsl/legacyPlaybook.groovy"; public static final String ANSIBLE_DSL_GROOVY_ADHOC = "jobdsl/adhoc.groovy"; public static final String ANSIBLE_DSL_GROOVY_VAULT = "jobdsl/vault.groovy"; @@ -31,6 +32,14 @@ public class JobDslIntegrationTest { @Rule public RuleChain chain = RuleChain.outerRule(jenkins).around(dsl); + @Test + @DslJobRule.WithJobDsl(ANSIBLE_DSL_GROOVY_SECURITY_630) + public void shouldCreateJobSecurity630Dsl() throws Exception { + AnsiblePlaybookBuilder step = dsl.getGeneratedJob().getBuildersList().get(AnsiblePlaybookBuilder.class); + assertThat("Should add playbook builder", step, notNullValue()); + assertThat("disableHostKeyChecking", step.disableHostKeyChecking, is(false)); + } + @Test @DslJobRule.WithJobDsl(ANSIBLE_DSL_GROOVY_PLAYBOOK) public void shouldCreateJobWithPlaybookDsl() throws Exception { @@ -52,7 +61,7 @@ public void shouldCreateJobWithPlaybookDsl() throws Exception { assertThat("forks", step.forks, is(6)); assertThat("unbufferedOutput", step.unbufferedOutput, is(false)); assertThat("colorizedOutput", step.colorizedOutput, is(true)); - assertThat("hostKeyChecking", step.hostKeyChecking, is(false)); + assertThat("disableHostKeyChecking", step.disableHostKeyChecking, is(false)); assertThat("additionalParameters", step.additionalParameters, is("params")); assertThat("extraVar.key", step.extraVars.get(0).getKey(), is("key")); assertThat("extraVar.value", step.extraVars.get(0).getValue(), is("value")); @@ -81,7 +90,7 @@ public void shouldCreateJobWithLegacyPlaybookDsl() throws Exception { assertThat("forks", step.forks, is(6)); assertThat("unbufferedOutput", step.unbufferedOutput, is(false)); assertThat("colorizedOutput", step.colorizedOutput, is(true)); - assertThat("hostKeyChecking", step.hostKeyChecking, is(false)); + assertThat("disableHostKeyChecking", step.disableHostKeyChecking, is(true)); assertThat("additionalParameters", step.additionalParameters, is("params")); assertThat("extraVar.key", step.extraVars.get(0).getKey(), is("key")); assertThat("extraVar.value", step.extraVars.get(0).getValue(), is("value")); @@ -106,7 +115,7 @@ public void shouldCreateJobAdhocDsl() throws Exception { assertThat("forks", step.forks, is(5)); assertThat("unbufferedOutput", step.unbufferedOutput, is(true)); assertThat("colorizedOutput", step.colorizedOutput, is(false)); - assertThat("hostKeyChecking", step.hostKeyChecking, is(false)); + assertThat("disableHostKeyChecking", step.disableHostKeyChecking, is(false)); } @Test
src/test/resources/jobdsl/legacyPlaybook.groovy+1 −0 modified@@ -14,6 +14,7 @@ freeStyleJob('ansible') { unbufferedOutput(false) colorizedOutput(true) hostKeyChecking(false) + disableHostKeyChecking(true) additionalParameters('params') extraVars { extraVar ("key","value",true)
src/test/resources/jobdsl/playbook.groovy+1 −1 modified@@ -13,7 +13,7 @@ freeStyleJob('ansible') { forks(6) unbufferedOutput(false) colorizedOutput(true) - hostKeyChecking(false) + disableHostKeyChecking(false) additionalParameters('params') extraVars { extraVar ("key","value",true)
src/test/resources/jobdsl/security630.groovy+22 −0 added@@ -0,0 +1,22 @@ +freeStyleJob('ansible') { + steps { + ansiblePlaybook('path/playbook.yml') { + inventoryPath('hosts.ini') + ansibleName('1.9.4') + limit('retry.limit') + tags('one,two') + skippedTags('three') + startAtTask('task') + credentialsId('credsid') + become(true) + becomeUser("user") + forks(6) + unbufferedOutput(false) + colorizedOutput(true) + additionalParameters('params') + extraVars { + extraVar ("key","value",true) + } + } + } +}
src/test/resources/org/jenkinsci/plugins/ansible/CompatibilityTest/jobs/old/config.xml+48 −0 added@@ -0,0 +1,48 @@ +<?xml version='1.0' encoding='UTF-8'?> +<project> + <actions/> + <description></description> + <keepDependencies>false</keepDependencies> + <scm class="hudson.scm.NullSCM"/> + <canRoam>true</canRoam> + <disabled>false</disabled> + <blockBuildWhenDownstreamBuilding>false</blockBuildWhenDownstreamBuilding> + <blockBuildWhenUpstreamBuilding>false</blockBuildWhenUpstreamBuilding> + <triggers/> + <concurrentBuild>false</concurrentBuild> + <builders> + <org.jenkinsci.plugins.ansible.AnsiblePlaybookBuilder plugin="ansible@0.8"> + <playbook>playbook.yml</playbook> + <limit></limit> + <tags></tags> + <skippedTags></skippedTags> + <startAtTask></startAtTask> + <credentialsId></credentialsId> + <vaultCredentialsId></vaultCredentialsId> + <sudo>false</sudo> + <sudoUser></sudoUser> + <forks>5</forks> + <unbufferedOutput>true</unbufferedOutput> + <colorizedOutput>false</colorizedOutput> + <hostKeyChecking>false</hostKeyChecking> + <additionalParameters></additionalParameters> + <copyCredentialsInWorkspace>false</copyCredentialsInWorkspace> + </org.jenkinsci.plugins.ansible.AnsiblePlaybookBuilder> + <org.jenkinsci.plugins.ansible.AnsibleAdHocCommandBuilder plugin="ansible@0.8"> + <credentialsId></credentialsId> + <vaultCredentialsId></vaultCredentialsId> + <hostPattern>one.example.com</hostPattern> + <module></module> + <command></command> + <sudo>false</sudo> + <sudoUser></sudoUser> + <forks>5</forks> + <unbufferedOutput>true</unbufferedOutput> + <colorizedOutput>false</colorizedOutput> + <hostKeyChecking>true</hostKeyChecking> + <additionalParameters></additionalParameters> + </org.jenkinsci.plugins.ansible.AnsibleAdHocCommandBuilder> + </builders> + <publishers/> + <buildWrappers/> +</project> \ No newline at end of file
Vulnerability mechanics
Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
4- github.com/advisories/GHSA-322x-jv5h-cvjhghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2018-1000149ghsaADVISORY
- github.com/jenkinsci/ansible-plugin/commit/06d30e5b626a978e258a7f4ab473cd7f53a7cba7ghsaWEB
- jenkins.io/security/advisory/2018-03-26/ghsax_refsource_CONFIRMWEB
News mentions
0No linked articles in our index yet.