vulnerability
Amazon Linux 2023: CVE-2024-11079: Medium priority package update for ansible-core (Multiple Advisories)
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
5 | (AV:N/AC:H/Au:S/C:P/I:P/A:P) | Nov 11, 2024 | Feb 17, 2025 | Jul 4, 2025 |
Severity
5
CVSS
(AV:N/AC:H/Au:S/C:P/I:P/A:P)
Published
Nov 11, 2024
Added
Feb 17, 2025
Modified
Jul 4, 2025
Description
A flaw was found in Ansible-Core. This vulnerability allows attackers to bypass unsafe content protections using the hostvars object to reference and execute templated content. This issue can lead to arbitrary code execution if remote data or module outputs are improperly templated within playbooks.
Solution(s)
amazon-linux-2023-upgrade-ansible-coreamazon-linux-2023-upgrade-ansible-test

NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.