Mageia 9: MGASA-2025-0052 moderate: Ansible-Core Unauthorized Access

mageia

February 12, 2025

Exposure of sensitive information in Ansible vault files due to improper logging

Summary

Exposure of sensitive information in Ansible vault files due to improper logging. (CVE-2024-8775) Ansible-core user may read/write unauthorized content. (CVE-2024-9902) Unsafe tagging bypass via hostvars object in ansible-core. (CVE-2024-11079)

References

- https://bugs.mageia.org/show_bug.cgi?id=33828

- https://www.cve.org/CVERecord?id=CVE-2024-8775

- https://www.cve.org/CVERecord?id=CVE-2024-9902

- https://www.cve.org/CVERecord?id=CVE-2024-11079

Topics Covered

security advisory unauthorized access security issue sensitive information Mageia ansible-core improper logging

Resolution

SRPMS

- 9/core/python-ansible-core-2.14.18-1.mga9

Publication date: 12 Feb 2025

URL: https://advisories.mageia.org/MGASA-2025-0052.html

Type: security

CVE: CVE-2024-8775, CVE-2024-9902, CVE-2024-11079

Topics Covered

security advisory unauthorized access security issue sensitive information Mageia ansible-core improper logging

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Mageia 9: MGASA-2025-0052 moderate: Ansible-Core Unauthorized Access

Summary

References

Topics Covered

Resolution

SRPMS

Topics Covered

Get the latest News and Insights

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Mageia 9: MGASA-2025-0052 moderate: Ansible-Core Unauthorized Access

Summary

References

Topics Covered

Resolution

SRPMS

Topics Covered

Get the latest News and Insights

Related Articles

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!