1.1.2
2 years ago
16 days ago
Known vulnerabilities in the ansible-rulebook package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for freeVulnerability | Vulnerable Version |
---|---|
ansible-rulebook is an Event driven automation for Ansible Affected versions of this package are vulnerable to Improper Restriction of Communication Channel to Intended Endpoints due to the use of an insecure WebSocket connection during installation from the EDA server. An attacker with access to any machine within the CIDR block could exploit this to download all rulebook data from the WebSocket, leading to a compromise of both the confidentiality and integrity of the system. How to fix Improper Restriction of Communication Channel to Intended Endpoints? There is no fixed version for | [0,) |