docksible 0.5.1 vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the docksible package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free

Vulnerability	Vulnerable Version
M Incorrect Default Permissions docksible is a Deploy and set up Docker Compose based web apps with Ansible Affected versions of this package are vulnerable to Incorrect Default Permissions via the file permissions of `docker-compose` files. An attacker could gain unauthorized access to sensitive configuration data or modify service definitions by exploiting overly permissive default permissions. This can lead to unauthorized access to services or exposure of sensitive data. How to fix Incorrect Default Permissions? Upgrade `docksible` to version 0.8.2 or higher.	[,0.8.2)
M Access Control Bypass docksible is a Deploy and set up Docker Compose based web apps with Ansible Affected versions of this package are vulnerable to Access Control Bypass. This vulnerability allows attackers to exploit the `/xmlrpc.php` endpoint in WordPress, enabling brute force attacks, DDoS attacks, and potential remote code execution. The issue arises from unrestricted access to `/xmlrpc.php` in the Nginx configuration files. It is exploitable remotely by sending crafted HTTP requests to the endpoint. How to fix Access Control Bypass? Upgrade `docksible` to version 0.6.1 or higher.	[,0.6.1)

Vulnerability

Vulnerable Version

Incorrect Default Permissions

docksible is a Deploy and set up Docker Compose based web apps with Ansible

Affected versions of this package are vulnerable to Incorrect Default Permissions via the file permissions of docker-compose files. An attacker could gain unauthorized access to sensitive configuration data or modify service definitions by exploiting overly permissive default permissions. This can lead to unauthorized access to services or exposure of sensitive data.

How to fix Incorrect Default Permissions?

Upgrade docksible to version 0.8.2 or higher.

[,0.8.2)

Access Control Bypass

docksible is a Deploy and set up Docker Compose based web apps with Ansible

Affected versions of this package are vulnerable to Access Control Bypass. This vulnerability allows attackers to exploit the /xmlrpc.php endpoint in WordPress, enabling brute force attacks, DDoS attacks, and potential remote code execution. The issue arises from unrestricted access to /xmlrpc.php in the Nginx configuration files. It is exploitable remotely by sending crafted HTTP requests to the endpoint.

How to fix Access Control Bypass?

Upgrade docksible to version 0.6.1 or higher.

[,0.6.1)

docksible@0.5.1 vulnerabilities

Deploy and set up Docker Compose based web apps with Ansible

latest version

latest non vulnerable version

first published

latest version published

licenses detected

Direct Vulnerabilities

Fix vulnerabilities automatically