ansible-rulebook@1.0.5 vulnerabilities
Event driven automation for Ansible
-
latest version
1.1.0
-
first published
2 years ago
-
latest version published
17 days ago
-
licenses detected
- [0,)
Direct Vulnerabilities
Known vulnerabilities in the ansible-rulebook package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.| Vulnerability | Vulnerable Version |
|---|---|
ansible-rulebook is an Event driven automation for Ansible Affected versions of this package are vulnerable to Improper Restriction of Communication Channel to Intended Endpoints due to the use of an insecure WebSocket connection during installation from the EDA server. An attacker with access to any machine within the CIDR block could exploit this to download all rulebook data from the WebSocket, leading to a compromise of both the confidentiality and integrity of the system. How to fix Improper Restriction of Communication Channel to Intended Endpoints? There is no fixed version for |
[0,)
|