CVE-2015-3908

Published: 12 August 2015

Ansible before 1.9.2 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.

Priority

Status

Package	Release	Status
ansible Launchpad, Ubuntu, Debian	artful	Not vulnerable (1.9.2+dfsg-1)
	bionic	Not vulnerable (1.9.2+dfsg-1)
	cosmic	Not vulnerable (1.9.2+dfsg-1)
	disco	Not vulnerable (1.9.2+dfsg-1)
	eoan	Not vulnerable (1.9.2+dfsg-1)
	focal	Not vulnerable (1.9.2+dfsg-1)
	groovy	Not vulnerable (1.9.2+dfsg-1)
	hirsute	Not vulnerable (1.9.2+dfsg-1)
	impish	Not vulnerable (1.9.2+dfsg-1)
	jammy	Not vulnerable (1.9.2+dfsg-1)
	kinetic	Not vulnerable (1.9.2+dfsg-1)
	lunar	Not vulnerable (1.9.2+dfsg-1)
	mantic	Not vulnerable (1.9.2+dfsg-1)
	noble	Not vulnerable (1.9.2+dfsg-1)
	precise	Does not exist
	trusty	Needed
	upstream	Released (1.9.2+dfsg-1)
	utopic	Ignored (end of life)
	vivid	Ignored (end of life)
	wily	Not vulnerable (1.9.2+dfsg-1)
	xenial	Not vulnerable (1.9.2+dfsg-1)
	yakkety	Not vulnerable (1.9.2+dfsg-1)
	zesty	Not vulnerable (1.9.2+dfsg-1)

References

Join the discussion

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›

CVE-2015-3908

Priority

Status

References

Join the discussion

Canonical is offering Expanded Security Maintenance

Further reading