added version information and upstream reference.

2025-08-04 08:44:25 +00:00 · 2020-03-16 11:32:39 -03:00 · 2020-03-16 11:32:39 -03:00 · b49e34c665
commit b49e34c665
parent 009d252a34
1 changed files with 7 additions and 2 deletions
--- a/2020/1xxx/CVE-2020-1735.json
+++ b/2020/1xxx/CVE-2020-1735.json
@ -18,7 +18,7 @@
                                "version": {
                                    "version_data": [
                                        {
-                                            "version_value": "n/a"
+                                            "version_value": "2.7.x, 2.8.x, 2.9.x"
                                        }
                                    ]
                                }
@ -47,6 +47,11 @@
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1735",
                "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1735",
                "refsource": "CONFIRM"
+            },
+            {
+                "url": "https://github.com/ansible/ansible/issues/67793",
+                "name": "https://github.com/ansible/ansible/issues/67793",
+                "refsource": "CONFIRM"
            }
        ]
    },
@ -54,7 +59,7 @@
        "description_data": [
            {
                "lang": "eng",
-                "value": "A flaw was found in the Ansible Engine when the fetch module is used. An attacker could intercept the module, inject a new path, and then choose a new destination path on the controller node."
+                "value": "A flaw was found in the Ansible Engine when the fetch module is used. An attacker could intercept the module, inject a new path, and then choose a new destination path on the controller node. All versions in 2.7.x, 2.8.x and 2.9.x branches are believed to be vulnerable."
            }
        ]
    },