rpm package
suse/ansible&distro=SUSE OpenStack Cloud 7
pkg:rpm/suse/ansible&distro=SUSE%20OpenStack%20Cloud%207
Vulnerabilities (47)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2016-9587 | — | < 2.2.3.0-5.1 | 2.2.3.0-5.1 | Apr 24, 2018 | Ansible before versions 2.1.4, 2.2.1 is vulnerable to an improper input validation in Ansible's handling of data sent from client systems. An attacker with control over a client system being managed by Ansible and the ability to send facts back to the Ansible server could use thi | ||
| CVE-2018-1000115 | — | < 2.2.3.0-12.2 | 2.2.3.0-12.2 | Mar 5, 2018 | Memcached version 1.5.5 contains an Insufficient Control of Network Message Volume (Network Amplification, CWE-406) vulnerability in the UDP support of the memcached server that can result in denial of service via network flood (traffic amplification of 1:50,000 has been reported | ||
| CVE-2017-7550 | Cri | 9.8 | < 2.2.3.0-9.1 | 2.2.3.0-9.1 | Nov 21, 2017 | A flaw was found in the way Ansible (2.3.x before 2.3.3, and 2.4.x before 2.4.1) passed certain parameters to the jenkins_plugin module. Remote attackers could use this flaw to expose sensitive information from a remote host's logs. This flaw was fixed by not allowing passwords t | |
| CVE-2017-1000246 | Med | 5.3 | < 2.2.3.0-12.2 | 2.2.3.0-12.2 | Nov 17, 2017 | Python package pysaml2 version 4.4.0 and earlier reuses the initialization vector across encryptions in the IDP server, resulting in weak encryption of data. | |
| CVE-2017-4967 | Med | 6.1 | < 2.2.3.0-12.2 | 2.2.3.0-12.2 | Jun 13, 2017 | An issue was discovered in these Pivotal RabbitMQ versions: all 3.4.x versions, all 3.5.x versions, and 3.6.x versions prior to 3.6.9; and these RabbitMQ for PCF versions: all 1.5.x versions, 1.6.x versions prior to 1.6.18, and 1.7.x versions prior to 1.7.15. Several forms in the | |
| CVE-2017-4965 | Med | 6.1 | < 2.2.3.0-12.2 | 2.2.3.0-12.2 | Jun 13, 2017 | An issue was discovered in these Pivotal RabbitMQ versions: all 3.4.x versions, all 3.5.x versions, and 3.6.x versions prior to 3.6.9; and these RabbitMQ for PCF versions: all 1.5.x versions, 1.6.x versions prior to 1.6.18, and 1.7.x versions prior to 1.7.15. Several forms in the | |
| CVE-2016-0775 | Med | 6.5 | < 2.2.3.0-17.2 | 2.2.3.0-17.2 | Apr 13, 2016 | Buffer overflow in the ImagingFliDecode function in libImaging/FliDecode.c in Pillow before 3.1.1 allows remote attackers to cause a denial of service (crash) via a crafted FLI file. |
- CVE-2016-9587Apr 24, 2018affected < 2.2.3.0-5.1fixed 2.2.3.0-5.1
Ansible before versions 2.1.4, 2.2.1 is vulnerable to an improper input validation in Ansible's handling of data sent from client systems. An attacker with control over a client system being managed by Ansible and the ability to send facts back to the Ansible server could use thi
- CVE-2018-1000115Mar 5, 2018affected < 2.2.3.0-12.2fixed 2.2.3.0-12.2
Memcached version 1.5.5 contains an Insufficient Control of Network Message Volume (Network Amplification, CWE-406) vulnerability in the UDP support of the memcached server that can result in denial of service via network flood (traffic amplification of 1:50,000 has been reported
- affected < 2.2.3.0-9.1fixed 2.2.3.0-9.1
A flaw was found in the way Ansible (2.3.x before 2.3.3, and 2.4.x before 2.4.1) passed certain parameters to the jenkins_plugin module. Remote attackers could use this flaw to expose sensitive information from a remote host's logs. This flaw was fixed by not allowing passwords t
- affected < 2.2.3.0-12.2fixed 2.2.3.0-12.2
Python package pysaml2 version 4.4.0 and earlier reuses the initialization vector across encryptions in the IDP server, resulting in weak encryption of data.
- affected < 2.2.3.0-12.2fixed 2.2.3.0-12.2
An issue was discovered in these Pivotal RabbitMQ versions: all 3.4.x versions, all 3.5.x versions, and 3.6.x versions prior to 3.6.9; and these RabbitMQ for PCF versions: all 1.5.x versions, 1.6.x versions prior to 1.6.18, and 1.7.x versions prior to 1.7.15. Several forms in the
- affected < 2.2.3.0-12.2fixed 2.2.3.0-12.2
An issue was discovered in these Pivotal RabbitMQ versions: all 3.4.x versions, all 3.5.x versions, and 3.6.x versions prior to 3.6.9; and these RabbitMQ for PCF versions: all 1.5.x versions, 1.6.x versions prior to 1.6.18, and 1.7.x versions prior to 1.7.15. Several forms in the
- affected < 2.2.3.0-17.2fixed 2.2.3.0-17.2
Buffer overflow in the ImagingFliDecode function in libImaging/FliDecode.c in Pillow before 3.1.1 allows remote attackers to cause a denial of service (crash) via a crafted FLI file.
Page 3 of 3