FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-03-29 07:54:42 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
9a8514f3-2ab8-11ec-b3a1-8c164582fbacAnsible -- Ansible user credentials disclosure in ansible-connection module

Red Hat reports:

A flaw was found in Ansible Engine's ansible-connection module, where sensitive information such as the Ansible user credentials is disclosed by default in the traceback error message. The highest threat from this vulnerability is to confidentiality.


Discovery 2021-06-25
Entry 2021-10-11
py36-ansible-core
py37-ansible-core
py38-ansible-core
py39-ansible-core
py310-ansible-core
< 2.11.6

py36-ansible-base
py37-ansible-base
py38-ansible-base
py39-ansible-base
py310-ansible-base
< 2.10.15

py36-ansible2
py37-ansible2
py38-ansible2
py39-ansible2
py310-ansible2
< 2.9.27

py36-ansible
py37-ansible
py38-ansible
py39-ansible
py310-ansible
< 2.9.27

CVE-2021-3620
https://access.redhat.com/security/cve/CVE-2021-3620
https://nvd.nist.gov/vuln/detail/CVE-2021-3620
https://github.com/ansible/ansible/blob/stable-2.9/changelogs/CHANGELOG-v2.9.rst#v2-9-27
https://github.com/ansible/ansible/blob/stable-2.10/changelogs/CHANGELOG-v2.10.rst#v2-10-15
https://github.com/ansible/ansible/blob/stable-2.11/changelogs/CHANGELOG-v2.11.rst#v2-11-6
4c9159ea-d4c9-11eb-aeee-8c164582fbacAnsible -- Templating engine bug

Ansible developers report:

Templating engine fix for not preserving usnafe status when trying to preserve newlines.


Discovery 2021-06-10
Entry 2021-06-24
Modified 2021-06-25
py36-ansible-core
py37-ansible-core
py38-ansible-core
py39-ansible-core
< 2.11.2

py36-ansible-base
py37-ansible-base
py38-ansible-base
py39-ansible-base
< 2.10.11

py36-ansible2
py37-ansible2
py38-ansible2
py39-ansible2
< 2.9.23

py36-ansible
py37-ansible
py38-ansible
py39-ansible
< 2.9.23

CVE-2021-3583
https://github.com/ansible/ansible/blob/stable-2.11/changelogs/CHANGELOG-v2.11.rst#security-fixes
https://github.com/ansible/ansible/blob/stable-2.10/changelogs/CHANGELOG-v2.10.rst#security-fixes
https://github.com/ansible/ansible/pull/74960
https://groups.google.com/g/ansible-announce/c/tmIgD1DpZJg
50ec3a01-ad77-11eb-8528-8c164582fbacAnsible -- Insecure Temporary File

NVD reports:

An incomplete fix was found for the fix of the flaw CVE-2020-1733 ansible: insecure temporary directory when running become_user from become directive. The provided fix is insufficient to prevent the race condition on systems using ACLs and FUSE filesystems..


Discovery 2020-05-15
Entry 2021-05-05
py36-ansible
py37-ansible
py38-ansible
py39-ansible
py36-ansible27
ge 2.9.0 le 2.9.9

py37-ansible27
py38-ansible27
py39-ansible27
ge 2.7.0 le 2.7.18

py36-ansible28
py37-ansible28
py38-ansible28
py39-ansible28
ge 2.8.0 le 2.8.12

https://nvd.nist.gov/vuln/detail/CVE-2020-10744
CVE-2020-10744