CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-10310
https://notcve.org/view.php?id=CVE-2019-10310
30 Apr 2019 — A cross-site request forgery vulnerability in Jenkins Ansible Tower Plugin 0.9.1 and earlier in the TowerInstallation.TowerInstallationDescriptor#doTestTowerConnection form validation method allowed attackers permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins Una vulnerabilidad de tipo cross-site request forgery en Jenkins Ansible Tower Plugin versión 0.9.1 y anteriores en el método de comprobac... • http://www.openwall.com/lists/oss-security/2019/04/30/5 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-10311
https://notcve.org/view.php?id=CVE-2019-10311
30 Apr 2019 — A missing permission check in Jenkins Ansible Tower Plugin 0.9.1 and earlier in the TowerInstallation.TowerInstallationDescriptor#doTestTowerConnection form validation method allowed attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. Una falta de comprobación de permiso en Jenkins Ansible Tower plugin versión 0.9.1 y versiones anteriores en el método de comprobación ... • http://www.openwall.com/lists/oss-security/2019/04/30/5 • CWE-862: Missing Authorization •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2019-10312
https://notcve.org/view.php?id=CVE-2019-10312
30 Apr 2019 — A missing permission check in Jenkins Ansible Tower Plugin 0.9.1 and earlier in the TowerInstallation.TowerInstallationDescriptor#doFillTowerCredentialsIdItems method allowed attackers with Overall/Read permission to enumerate credentials ID of credentials stored in Jenkins. Una falta de comprobación de permisos en Jenkins Ansible Tower Plugin versión 0.9.1 y anteriores, en el método TowerInstallation.TowerInstallationDescriptor#doFillTowerCredentialsIdItems permitió a los atacantes con permiso Overall/Read... • http://www.openwall.com/lists/oss-security/2019/04/30/5 • CWE-862: Missing Authorization •
CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 0CVE-2019-3869 – Tower: credentials leaked through environment variables
https://notcve.org/view.php?id=CVE-2019-3869
28 Mar 2019 — When running Tower before 3.4.3 on OpenShift or Kubernetes, application credentials are exposed to playbook job runs via environment variables. A malicious user with the ability to write playbooks could use this to gain administrative privileges. Al ejecutar Tower, en versiones anteriores a la 3.4.3 en OpenShift o Kubernetes, las credenciales de aplicación se exponen a ejecuciones "playbook job" mediante variables de entorno. Un usuario malicioso capacitado para escribir playbooks podría utilizar esto para ... • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3869 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-214: Invocation of Process Using Visible Sensitive Information •
CVSS: 7.3EPSS: 0%CPEs: 15EXPL: 0CVE-2019-3835 – ghostscript: superexec operator is available (700585)
https://notcve.org/view.php?id=CVE-2019-3835
22 Mar 2019 — It was found that the superexec operator was available in the internal dictionary in ghostscript before 9.27. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains imposed by -dSAFER. Se ha observado que el operador superexec estaba disponible en el diccionario interno en ghostscript en las versiones anteriores a la 9.27. Un archivo PostScript especialmente manipulado podría explotar este error, por ejemplo, para obtener ac... • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00088.html • CWE-648: Incorrect Use of Privileged APIs CWE-862: Missing Authorization •
CVSS: 7.3EPSS: 0%CPEs: 17EXPL: 0CVE-2019-3838 – ghostscript: forceput in DefineResource is still accessible (700576)
https://notcve.org/view.php?id=CVE-2019-3838
22 Mar 2019 — It was found that the forceput operator could be extracted from the DefineResource method in ghostscript before 9.27. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains imposed by -dSAFER. Se ha observado que el operador forceput podía ser extraído del método DefineResource en ghostscript en las versiones anteriores a la 9.27. Un archivo PostScript especialmente manipulado podría explotar este error, por ejemplo, para ob... • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00011.html • CWE-648: Incorrect Use of Privileged APIs •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-16879
https://notcve.org/view.php?id=CVE-2018-16879
03 Jan 2019 — Ansible Tower before version 3.3.3 does not set a secure channel as it is using the default insecure configuration channel settings for messaging celery workers from RabbitMQ. This could lead in data leak of sensitive information such as passwords as well as denial of service attacks by deleting projects or inventory files. Ansible Tower en versiones anteriores a la 3.3.3 no establece un canal seguro, ya que utiliza los ajustes del canal de configuración inseguros por defecto para comunicarse con los trabaj... • http://www.securityfocus.com/bid/106310 • CWE-311: Missing Encryption of Sensitive Data •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2018-16837 – Ansible: Information leak in "user" module
https://notcve.org/view.php?id=CVE-2018-16837
23 Oct 2018 — Ansible "User" module leaks any data which is passed on as a parameter to ssh-keygen. This could lean in undesirable situations such as passphrases credentials passed as a parameter for the ssh-keygen executable. Showing those credentials in clear text form for every user which have access just to the process list. El módulo "User" de Ansible filtra cualquier dato que se pasa como parámetro a ssh-keygen. Esto podría desembocar en situaciones no deseadas como el paso de credenciales de frase de contraseña co... • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00021.html • CWE-214: Invocation of Process Using Visible Sensitive Information CWE-311: Missing Encryption of Sensitive Data •
CVSS: 9.8EPSS: 0%CPEs: 30EXPL: 0CVE-2018-1000805 – python-paramiko: Authentication bypass in auth_handler.py
https://notcve.org/view.php?id=CVE-2018-1000805
08 Oct 2018 — Paramiko version 2.4.1, 2.3.2, 2.2.3, 2.1.5, 2.0.8, 1.18.5, 1.17.6 contains a Incorrect Access Control vulnerability in SSH server that can result in RCE. This attack appear to be exploitable via network connectivity. Paramiko en versiones 2.4.1, 2.3.2, 2.2.3, 2.1.5, 2.0.8, 1.18.5 y 1.17.6 contiene una vulnerabilidad de control de acceso incorrecto en el servidor SSH que puede resultar en la ejecución remota de código. Este ataque parece ser explotable mediante conectividad de red. The python-paramiko packa... • https://access.redhat.com/errata/RHBA-2018:3497 • CWE-305: Authentication Bypass by Primary Weakness CWE-863: Incorrect Authorization •
CVSS: 9.8EPSS: 68%CPEs: 24EXPL: 11CVE-2018-17456 – Git Submodule - Arbitrary Code Execution
https://notcve.org/view.php?id=CVE-2018-17456
06 Oct 2018 — Git before 2.14.5, 2.15.x before 2.15.3, 2.16.x before 2.16.5, 2.17.x before 2.17.2, 2.18.x before 2.18.1, and 2.19.x before 2.19.1 allows remote code execution during processing of a recursive "git clone" of a superproject if a .gitmodules file has a URL field beginning with a '-' character. Git en versiones anteriores a la 2.14.5, versiones 2.15.x anteriores a la 2.15.3, versiones 2.16.x anteriores a la 2.16.5, versiones 2.17.x anteriores a la 2.17.2, versiones 2.18.x anteriores a la 2.18.1 y versiones 2.... • https://packetstorm.news/files/id/150380 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') •