OESA-2021-1400
- Source
- https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2021-1400
- Import Source
- https://repo.openeuler.org/security/data/osv/OESA-2021-1400.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/OESA-2021-1400
- Upstream
- Published
- 2021-10-19T11:03:17Z
- Modified
- 2025-08-12T05:04:01.482750Z
- Summary
- ansible security update
- Details
-
Ansible is a radically simple model-driven configuration management, multi-node deployment, and remote task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically.
Security Fix(es):
A flaw was discovered in the way Ansible templating was implemented in versions before 2.6.18, 2.7.12 and 2.8.2, causing the possibility of information disclosure through unexpected variable substitution. By taking advantage of unintended variable substitution the content of any variable may be disclosed.(CVE-2019-10156)
- Database specific
{ "severity": "Medium" }- References
Affected packages
openEuler:20.03-LTS-SP1 / ansible
Package
- Name
- ansible
- Purl
- pkg:rpm/openEuler/ansible&distro=openEuler-20.03-LTS-SP1