VYPR

PyPI package

galaxy-importer

pkg:pypi/galaxy-importer

Vulnerabilities (1)

  • CVE-2023-5189Nov 14, 2023
    affected <= 0.4.16

    A path traversal vulnerability exists in Ansible when extracting tarballs. An attacker could craft a malicious tarball so that when using the galaxy importer of Ansible Automation Hub, a symlink could be dropped on the disk, resulting in files being overwritten.