Go modules package
github.com/ansible-semaphore/semaphore
pkg:golang/github.com/ansible-semaphore/semaphore
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-39059 | — | <= 2.8.90 | — | Aug 28, 2023 | An issue in ansible semaphore v.2.8.90 allows a remote attacker to execute arbitrary code via a crafted payload to the extra variables parameter. | ||
| CVE-2023-28609 | — | < 2.8.89 | 2.8.89 | Mar 18, 2023 | api/auth.go in Ansible Semaphore before 2.8.89 mishandles authentication. |
- CVE-2023-39059Aug 28, 2023affected <= 2.8.90
An issue in ansible semaphore v.2.8.90 allows a remote attacker to execute arbitrary code via a crafted payload to the extra variables parameter.
- CVE-2023-28609Mar 18, 2023affected < 2.8.89fixed 2.8.89
api/auth.go in Ansible Semaphore before 2.8.89 mishandles authentication.