VDB
EN
MEDIUM 5.5

PYSEC-2026-1051

tripleo-ansible may disclose important configuration details from an OpenStack deployment

상세

A flaw was found in tripleo-ansible. Due to an insecure default configuration, the permissions of a sensitive file are not sufficiently restricted. This flaw allows a local attacker to use brute force to explore the relevant directory and discover the file, leading to information disclosure of important configuration details from the OpenStack deployment.

이 버전이 영향받나요?

사용 중인 패키지 버전을 입력하면 즉시 평가합니다.

영향 패키지

PyPI / tripleo-ansible
최초 영향 버전: 0

No fixed version published yet for tripleo-ansible (pip). Pin to a known-safe version or switch to an alternative.

참고