MEDIUM 5.5
GHSA-99w6-3xph-cx78
Ansible-Core vulnerable to content protections bypass
상세
A flaw was found in Ansible-Core. This vulnerability allows attackers to bypass unsafe content protections using the hostvars object to reference and execute templated content. This issue can lead to arbitrary code execution if remote data or module outputs are improperly templated within playbooks.
이 버전이 영향받나요?
사용 중인 패키지 버전을 입력하면 즉시 평가합니다.
영향 패키지
PyPI / ansible-core
최초 영향 버전:
2.18.0b1 수정 버전: 2.18.1rc1 수정
pip install --upgrade 'ansible-core>=2.18.1rc1' PyPI / ansible-core
최초 영향 버전:
2.17.0b1 수정 버전: 2.17.7rc1 수정
pip install --upgrade 'ansible-core>=2.17.7rc1' PyPI / ansible-core
최초 영향 버전:
0 수정 버전: 2.16.14rc1 수정
pip install --upgrade 'ansible-core>=2.16.14rc1' 참고
- https://nvd.nist.gov/vuln/detail/CVE-2024-11079 [ADVISORY]
- https://github.com/ansible/ansible/pull/84299 [WEB]
- https://github.com/ansible/ansible/pull/84339 [WEB]
- https://github.com/ansible/ansible/commit/2936b80dbbc7efb889934aeec80f6142c10266ce [WEB]
- https://github.com/ansible/ansible/commit/70e83e72b43e05e57eb42a6d52d01a4d9768f510 [WEB]
- https://github.com/ansible/ansible/commit/98774d15d7748ebaaaf2e83942cc7e8d39f7280e [WEB]
- https://access.redhat.com/errata/RHSA-2024:10770 [WEB]
- https://access.redhat.com/errata/RHSA-2024:11145 [WEB]
- https://access.redhat.com/security/cve/CVE-2024-11079 [WEB]
- https://bugzilla.redhat.com/show_bug.cgi?id=2325171 [WEB]
- https://github.com/ansible/ansible [PACKAGE]
- https://github.com/ansible/ansible/blob/v2.18.1/changelogs/CHANGELOG-v2.18.rst#security-fixes [WEB]
- https://lists.debian.org/debian-lts-announce/2026/03/msg00006.html [WEB]