Lucene search
GoogleOSV:PYSEC-2018-81HistoryJul 02, 2018 - 1:29 p.m.
PYSEC-2018-81
2018-07-0213:29:00
Google
osv.dev
15
EPSS
0.001
Percentile
32.4%
In ansible it was found that inventory variables are loaded from current working directory when running ad-hoc command which are under attacker’s control, allowing to run arbitrary code as a result.
References
www.securitytracker.com/id/1041396
access.redhat.com/errata/RHBA-2018:3788
access.redhat.com/errata/RHSA-2018:2150
access.redhat.com/errata/RHSA-2018:2151
access.redhat.com/errata/RHSA-2018:2152
access.redhat.com/errata/RHSA-2018:2166
access.redhat.com/errata/RHSA-2018:2321
access.redhat.com/errata/RHSA-2018:2585
access.redhat.com/errata/RHSA-2019:0054
bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10874
usn.ubuntu.com/4072-1/
Related
prion
prion
Command injection
2018-07-02 13:29:00
veracode
veracode
Arbitrary Code Execution
2019-01-15 09:24:12
Arbitrary Code Execution
2018-07-03 06:02:48
cvelist
cvelist
CVE-2018-10874
2018-07-02 13:00:00
cve
cve
CVE-2018-10874
2018-07-02 13:29:00
debiancve
debiancve
CVE-2018-10874
2018-07-02 13:29:00
github
github
Ansible Improper Input Validation vulnerability
2022-05-13 01:07:34
osv
osv
CVE-2018-10874
2018-07-02 13:29:00
Ansible Improper Input Validation vulnerability
2022-05-13 01:07:34
ibm
ibm
ubuntucve
ubuntucve
CVE-2018-10874
2018-07-02 00:00:00
nvd
nvd
CVE-2018-10874
2018-07-02 13:29:00
redhatcve
redhatcve
CVE-2018-10874
2020-04-09 10:18:06
redhat
redhat
(RHSA-2018:2166) Moderate: ansible security and bug fix update
2018-07-10 17:12:40
(RHSA-2018:2321) Moderate: Red Hat Virtualization security, bug fix, and enhancement update
2018-07-31 17:19:42
(RHSA-2018:2152) Moderate: ansible security update
2018-07-10 12:47:35
nessus
nessus
Fedora 28 : ansible (2018-1d2bc76093)
2019-01-03 00:00:00
RHEL 7 : ansible (RHSA-2018:2151)
2018-07-12 00:00:00
RHEL 7 : ansible (RHSA-2018:2152)
2018-07-12 00:00:00
openvas
openvas
Mageia: Security Advisory (MGASA-2018-0439)
2022-01-28 00:00:00
Fedora Update for ansible FEDORA-2018-1d2bc76093
2018-07-15 00:00:00
Fedora Update for ansible FEDORA-2018-53790a5236
2018-07-17 00:00:00
mageia
mageia
Updated ansible package fixes security vulnerabilities
2018-11-12 00:09:54
fedora
fedora
[SECURITY] Fedora 28 Update: ansible-2.6.1-1.fc28
2018-07-12 14:21:51
[SECURITY] Fedora 27 Update: ansible-2.6.1-1.fc27
2018-07-16 17:38:00
[SECURITY] Fedora 28 Update: ansible-2.7.8-1.fc28
2019-03-03 03:24:34
ubuntu
ubuntu
Ansible vulnerabilities
2019-07-24 00:00:00