CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2020-14327 – Tower: SSRF: Server Side Request Forgery on Credential
https://notcve.org/view.php?id=CVE-2020-14327
A Server-side request forgery (SSRF) flaw was found in Ansible Tower in versions before 3.6.5 and before 3.7.2. Functionality on the Tower server is abused by supplying a URL that could lead to the server processing it. This flaw leads to the connection to internal services or the exposure of additional internal services by abusing the test feature of lookup credentials to forge HTTP/HTTPS requests from the server and retrieving the results of the response. Se encontró un fallo de tipo Server-side request forgery (SSRF) en Ansible Tower en versiones anteriores a 3.6.5 y anteriores a 3.7.2. Es abusada de la funcionalidad en el servidor Tower al proporcionar una URL que podría conllevar al servidor a procesarla. • https://bugzilla.redhat.com/show_bug.cgi?id=1856785 https://access.redhat.com/security/cve/CVE-2020-14327 • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-10782 – Tower: rsyslog configuration has world readable permissions
https://notcve.org/view.php?id=CVE-2020-10782
An exposure of sensitive information flaw was found in Ansible version 3.7.0. Sensitive information, such tokens and other secrets could be readable and exposed from the rsyslog configuration file, which has set the wrong world-readable permissions. The highest threat from this vulnerability is to confidentiality. This is fixed in Ansible version 3.7.1. Se encontró un fallo de exposición de información sensible en la versión 3.7.0 de Ansible. • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10782 https://access.redhat.com/security/cve/CVE-2020-10782 https://bugzilla.redhat.com/show_bug.cgi?id=1847843 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-276: Incorrect Default Permissions CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 3.3EPSS: 0%CPEs: 12EXPL: 1CVE-2020-1736 – ansible: atomic_move primitive sets permissive permissions
https://notcve.org/view.php?id=CVE-2020-1736
A flaw was found in Ansible Engine when a file is moved using atomic_move primitive as the file mode cannot be specified. This sets the destination files world-readable if the destination file does not exist and if the file exists, the file could be changed to have less restrictive permissions before the move. This could lead to the disclosure of sensitive data. All versions in 2.7.x, 2.8.x and 2.9.x branches are believed to be vulnerable. Se detectó un fallo en Ansible Engine, cuando un archivo es movido usando la función atomic_move primitiva ya que el modo de archivo no puede ser especificado. • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1736 https://github.com/ansible/ansible/issues/67794 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2NYYQP2XJB2TTRP6AKWVMBSPB2DFJNKD https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BPNZWBAUP4ZHUR6PO7U6ZXEKNCX62KZ7 https://security.gentoo.org/glsa/202006-11 https://access.redhat.com/security/cve/CVE-2020-1736 https://bugzilla.redhat.com/show_bug.cgi?id=1802124 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 7.5EPSS: 0%CPEs: 27EXPL: 0CVE-2018-1061 – python: DOS via regular expression backtracking in difflib.IS_LINE_JUNK method in difflib
https://notcve.org/view.php?id=CVE-2018-1061
python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in the difflib.IS_LINE_JUNK method. An attacker could use this flaw to cause denial of service. python en versiones anteriores a la 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 y 3.7.0 es vulnerable a backtracking catastrófico en el método difflib.IS_LINE_JUNK. Un atacante podría utilizar este fallo para provocar una denegación de servicio (DoS). A flaw was found in the way catastrophic backtracking was implemented in python's difflib.IS_LINE_JUNK method. An attacker could use this flaw to cause denial of service. • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html http://www.securitytracker.com/id/1042001 https://access.redhat.com/errata/RHBA-2019:0327 https://access.redhat.com/errata/RHSA-2018:3041 https://access.redhat.com/errata/RHSA-2018:3505 https://access.redhat.com/errata/RHSA-2019:1260 https://access.redhat.com/errata/RHSA-2019:3725 https://bugs.python.org/issue32981 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1061 https://docs.python.org/ • CWE-20: Improper Input Validation •