VDB

GCVE-110-MAGEIA-2019-234

GCVE-110-MAGEIA-2019-234
Advisory Published
Vulnetix · Advisory published August 31, 2019
Updated ansible package fixes security vulnerability: A flaw was discovered in the way Ansible templating was implemented before version 2.7.12, causing the possibility of information disclosure through unexpected variable substitution. By taking advantage of unintended variable substitution the content of any variable may be disclosed (CVE-2019-10156). Also, python-jmespath was added as a new dependency in Mageia 6.

Affected Products

VendorProductVersionsPlatforms
Mageiaansible0 (affected), 2.7.12-1.mga7 (unaffected), 0 (affected), 2.7.12-1.mga7 (unaffected)
Mageiapython-jmespath0 (affected), 0.9.4-1.2.mga6 (unaffected), 0 (affected), 0.9.4-1.2.mga6 (unaffected)
Mageiabtrfs-progs0 (affected), 5.4-1.mga7 (unaffected)
Mageiaansible0 (affected), 2.7.12-1.mga6 (unaffected), 0 (affected), 2.7.12-1.mga6 (unaffected)

Browse GCVE Records

73,280 records in the GCVE database · Updated July 17, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›