Lucene search
PRIOn knowledge basePRION:CVE-2020-10729HistoryMay 27, 2021 - 7:15 p.m.
Cross site request forgery (csrf)
2021-05-2719:15:00
PRIOn knowledge base
www.prio-n.com
3
A flaw was found in the use of insufficiently random values in Ansible. Two random password lookups of the same length generate the equal value as the template caching action for the same file since no re-evaluation happens. The highest threat from this vulnerability would be that all passwords are exposed at once for the file. This flaw affects Ansible Engine versions before 2.9.6.
| CPE | Name | Operator | Version |
|---|---|---|---|
| debian_linux | eq | 10.0 | |
| ansible_engine | lt | 2.9.6 |
Related
cve
cve
CVE-2020-10729
2021-05-27 19:15:07
osv
osv
PYSEC-2021-105
2021-05-27 19:15:00
Insufficiently random values in Ansible
2021-06-15 16:10:11
CVE-2020-10729
2021-05-27 19:15:07
debiancve
debiancve
CVE-2020-10729
2021-05-27 19:15:07
ubuntucve
ubuntucve
CVE-2020-10729
2021-05-27 00:00:00
nvd
nvd
CVE-2020-10729
2021-05-27 19:15:07
github
github
Insufficiently random values in Ansible
2021-06-15 16:10:11
veracode
veracode
Information Disclosure
2020-05-06 02:26:07
redhatcve
redhatcve
CVE-2020-10729
2020-05-04 18:10:13
cvelist
cvelist
CVE-2020-10729
2021-05-27 18:46:12
debian
debian
[SECURITY] [DSA 4950-1] ansible security update
2021-08-07 09:26:39
openvas
openvas
Debian: Security Advisory (DSA-4950-1)
2021-08-08 00:00:00
nessus
nessus
Debian DSA-4950-1 : ansible - security update
2021-08-07 00:00:00
openSUSE 15 Security Update : ansible (openSUSE-SU-2022:0081-1)
2022-03-17 00:00:00
suse
suse
Security update for ansible (important)
2022-03-16 00:00:00