Your submission was sent successfully! Close

CVE-2020-25636

Published: 5 October 2020

A flaw was found in Ansible Base when using the aws_ssm connection plugin as there is no namespace separation for file transfers. Files are written directly to the root bucket, making possible to have collisions when running multiple ansible processes. This issue affects mainly the service availability.

Priority

Low

CVSS 3 base score: 7.1

Status

Package Release Status
ansible
Launchpad, Ubuntu, Debian
bionic Needs triage

focal Needs triage

groovy Ignored
(reached end-of-life)
hirsute Ignored
(reached end-of-life)
impish Needs triage

jammy Needs triage

precise Does not exist

trusty Needs triage

upstream Not vulnerable
(debian: Vulnerable connection/aws_ssm plugin not included)
xenial Ignored
(end of standard support, was needs-triage)