Vulnerabilities (CVE)

Filtered by vendor Ansible-semaphore Subscribe
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-39059 1 Ansible-semaphore 1 Ansible Semaphore 2024-11-21 N/A 8.8 HIGH
An issue in ansible semaphore v.2.8.90 allows a remote attacker to execute arbitrary code via a crafted payload to the extra variables parameter.
CVE-2023-28609 1 Ansible-semaphore 1 Ansible Semaphore 2024-11-21 N/A 9.8 CRITICAL
api/auth.go in Ansible Semaphore before 2.8.89 mishandles authentication.