Path Traversal Vulnerability in Ansible Fetch Module
CVE-2019-3828 · MEDIUM Severity
CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
Ansible fetch module before versions 2.5.15, 2.6.14, 2.7.8 has a path traversal vulnerability which allows copying and overwriting files outside of the specified destination in the local ansible controller host, by not restricting an absolute path.
Learn more about our Web Application Penetration Testing UK.