Download
| Alert*
|
oval:org.secpod.oval:def:89046967
This update fixes the following issues: ansible: - Update to version 2.9.27 * CVE-2021-3620 ansible-connection module discloses sensitive info in traceback error message * CVE-2021-3583 Template Injection through yaml multi-line strings with ansible facts used in template. * ansible module nmcl ... oval:org.secpod.oval:def:120422 Ansible is a radically simple model-driven configuration management, multi-node deployment, and remote task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to m ... oval:org.secpod.oval:def:120418 Ansible is a radically simple model-driven configuration management, multi-node deployment, and remote task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to m ... oval:org.secpod.oval:def:1701738 A flaw was found in Ansible, where a user's controller is vulnerable to template injection. This issue can occur through facts used in the template if the user is trying to put templates in multi-line YAML strings and the facts being handled do not routinely include special template characters. This ... |
