Lucene search
PRIOn knowledge basePRION:CVE-2020-10691HistoryApr 30, 2020 - 5:15 p.m.
Directory traversal
2020-04-3017:15:00
PRIOn knowledge base
www.prio-n.com
8
An archive traversal flaw was found in all ansible-engine versions 2.9.x prior to 2.9.7, when running ansible-galaxy collection install. When extracting a collection .tar.gz file, the directory is created without sanitizing the filename. An attacker could take advantage to overwrite any file within the system.
| CPE | Name | Operator | Version |
|---|---|---|---|
| ansible_engine | ge | 2.9.0 | |
| ansible_engine | lt | 2.9.7 | |
| ansible_tower | eq | 3.0 |
Related
veracode
veracode
Directory Traversal
2020-04-02 03:39:25
cve
cve
CVE-2020-10691
2020-04-30 17:15:11
nvd
nvd
CVE-2020-10691
2020-04-30 17:15:11
redhatcve
redhatcve
CVE-2020-10691
2020-03-27 08:13:18
nessus
nessus
Ansible Tower 3.6.x =< 3.6.3 Archive Traversal Arbitrary File Overwrite Vulnerability
2020-05-20 00:00:00
Fedora 30 : ansible (2020-1b6ce91e37)
2020-04-27 00:00:00
Fedora 31 : ansible (2020-f80154b5b4)
2020-04-27 00:00:00
alpinelinux
alpinelinux
CVE-2020-10691
2020-04-30 17:15:11
ubuntucve
ubuntucve
CVE-2020-10691
2020-04-30 00:00:00
osv
osv
PYSEC-2020-2
2020-04-30 17:15:00
Path Traversal in Ansible
2021-04-20 16:44:37
CVE-2020-10691
2020-04-30 17:15:11
debiancve
debiancve
CVE-2020-10691
2020-04-30 17:15:11
github
github
Path Traversal in Ansible
2021-04-20 16:44:37
cvelist
cvelist
CVE-2020-10691
2020-04-30 16:23:36
openvas
openvas
Fedora: Security Advisory for ansible (FEDORA-2020-3990f03ba3)
2020-04-30 00:00:00
Fedora: Security Advisory for ansible (FEDORA-2020-f80154b5b4)
2020-04-30 00:00:00
Fedora: Security Advisory for ansible (FEDORA-2020-1b6ce91e37)
2020-04-30 00:00:00
fedora
fedora
[SECURITY] Fedora 31 Update: ansible-2.9.7-1.fc31
2020-04-27 04:48:07
[SECURITY] Fedora 32 Update: ansible-2.9.7-1.fc32
2020-04-27 02:46:08
[SECURITY] Fedora 30 Update: ansible-2.9.7-1.fc30
2020-04-27 03:07:00
redhat
redhat
(RHSA-2020:1542) Important: Ansible security and bug fix update (2.9.7)
2020-04-22 13:12:44
(RHSA-2020:1541) Important: Ansible security and bug fix update (2.9.7)
2020-04-22 13:12:31
suse
suse
Security update for ansible (important)
2022-03-16 00:00:00