VDB
DEBIAN-CVE-2019-3828
DEBIAN-CVE-2019-3828
PUBLISHED
CVSS 4.199999809265137 MEDIUM
Ansible fetch module before versions 2.5.15, 2.6.14, 2.7.8 has a path traversal vulnerability which allows copying and overwriting files outside of the specified destination in the local ansible controller host, by not restricting an absolute path.
Risk Scores
CVSS v3.1
4.199999809265137
CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:12 | ansible | 0, 0, 0 |
| Debian:14 | ansible | 0, 0, 0 |
| Debian:11 | ansible | 0, 0, 0 |
| Debian:13 | ansible | 0, 0, 0 |
Timeline
- Mar 27, 2019 CVE Published
- Apr 28, 2026 CVE Updated