Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2023-39059

Published: 28/08/2023 Updated: 30/08/2023
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 0
Subscribe to Ansible Semaphore

Vulnerability Summary

An issue in ansible semaphore v.2.8.90 allows a remote malicious user to execute arbitrary code via a crafted payload to the extra variables parameter.

Vulnerable Product Search on Vulmon Subscribe to Product

ansible-semaphore ansible semaphore 2.8.90

References

NVD-CWE-noinfohttps://gist.github.com/Alevsk/1757da24c5fb8db735d392fd4146ca3ahttps://www.alevsk.com/2023/07/a-quick-story-of-security-pitfalls-with-execcommand-in-software-integrations/https://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700CVE-2022-48689CVE-2024-27956CVE-2023-6363SQLNULL pointer dereferenceCVE-2023-41830CVE-2015-2051arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook