CVE-2020-10691
Ansible: archive traversal vulnerability in ansible-galaxy collection install
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
An archive traversal flaw was found in all ansible-engine versions 2.9.x prior to 2.9.7, when running ansible-galaxy collection install. When extracting a collection .tar.gz file, the directory is created without sanitizing the filename. An attacker could take advantage to overwrite any file within the system.
Se ha detectado un fallo de salto de archivo en todas las versiones de ansible-engine 2.9.x anteriores a 2.9.7, cuando se ejecuta una instalación de una colección ansible-galaxy. Al extraer un archivo .tar.gz de la colección, el directorio es creado sin sanear el nombre del archivo. Un atacante podría aprovechar para sobrescribir cualquier archivo dentro del sistema.
An archive traversal flaw was found in Ansible Engine when running ansible-galaxy collection install. When extracting a collection .tar.gz file, the directory is created without sanitizing the filename. An attacker could take advantage to overwrite any file within the system.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2020-03-20 CVE Reserved
- 2020-04-22 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-04 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CAPEC
References (4)
URL | Tag | Source |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://github.com/ansible/ansible/pull/68596 | 2023-11-07 |
URL | Date | SRC |
---|---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10691 | 2023-11-07 | |
https://access.redhat.com/security/cve/CVE-2020-10691 | 2020-04-22 | |
https://bugzilla.redhat.com/show_bug.cgi?id=1817161 | 2020-04-22 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Redhat Search vendor "Redhat" | Ansible Engine Search vendor "Redhat" for product "Ansible Engine" | >= 2.9.0 < 2.9.7 Search vendor "Redhat" for product "Ansible Engine" and version " >= 2.9.0 < 2.9.7" | - |
Affected
| ||||||
Redhat Search vendor "Redhat" | Ansible Tower Search vendor "Redhat" for product "Ansible Tower" | 3.0 Search vendor "Redhat" for product "Ansible Tower" and version "3.0" | - |
Affected
|