Auto-merge PR#2754

2025-06-12 02:05:39 +00:00 · 2019-11-22 07:21:13 -05:00 · 2019-11-22 07:21:13 -05:00 · 11638f122d
commit 11638f122d
parent bacd407df2 f727f2ffb1
1 changed files with 63 additions and 4 deletions
--- a/2019/10xxx/CVE-2019-10206.json
+++ b/2019/10xxx/CVE-2019-10206.json
@ -4,15 +4,74 @@
    "data_version": "4.0",
    "CVE_data_meta": {
        "ID": "CVE-2019-10206",
-        "ASSIGNER": "cve@mitre.org",
-        "STATE": "RESERVED"
+        "ASSIGNER": "mrehak@redhat.com"
+    },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "vendor_name": "Red Hat",
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "Ansible",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "all 2.8.x before 2.8.4"
+                                        },
+                                        {
+                                            "version_value": "all 2.7.x before 2.7.13"
+                                        },
+                                        {
+                                            "version_value": "all 2.6.x before 2.6.19"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    }
+                }
+            ]
+        }
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "CWE-20"
+                    }
+                ]
+            }
+        ]
+    },
+    "references": {
+        "reference_data": [
+            {
+                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10206",
+                "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10206",
+                "refsource": "CONFIRM"
+            }
+        ]
    },
    "description": {
        "description_data": [
            {
                "lang": "eng",
-                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+                "value": "ansible-playbook -k and ansible cli tools, all versions 2.8.x before 2.8.4, all 2.7.x before 2.7.13 and all 2.6.x before 2.6.19, prompt passwords by expanding them from templates as they could contain special characters. Passwords should be wrapped to prevent templates trigger and exposing them."
            }
        ]
+    },
+    "impact": {
+        "cvss": [
+            [
+                {
+                    "vectorString": "6.4/CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N",
+                    "version": "3.0"
+                }
+            ]
+        ]
    }
-}
+}