cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-5115,https://securityvulnerability.io/vulnerability/CVE-2023-5115,Ansible: malicious role archive can cause ansible-galaxy to overwrite arbitrary files,An absolute path traversal attack exists in the Ansible automation platform. This flaw allows an attacker to craft a malicious Ansible role and make the victim execute the role. A symlink can be used to overwrite a file outside of the extraction path.,Red Hat,"Red Hat Ansible Automation Platform 2.3 For Rhel 8,Red Hat Ansible Automation Platform 2.3 For Rhel 9,Red Hat Ansible Automation Platform 2.4 For Rhel 8,Red Hat Ansible Automation Platform 2.4 For Rhel 9,Red Hat Ansible Automation Platform 1.2",6.3,MEDIUM,0.0010499999625608325,false,,false,false,false,,,false,false,,2023-12-18T14:15:00.000Z,0
CVE-2023-3971,https://securityvulnerability.io/vulnerability/CVE-2023-3971,Controller: html injection in custom login info,"An HTML injection vulnerability exists in the user interface settings of Red Hat Controller, which allows attackers to inject malicious HTML code. This can lead to the creation of custom login pages designed to capture user credentials. As a result, attackers may gain unauthorized access to sensitive information by tricking users into entering their credentials on these fraudulent pages.",Red Hat,"Red Hat Ansible Automation Platform 2.3 For Rhel 8,Red Hat Ansible Automation Platform 2.3 For Rhel 9,Red Hat Ansible Automation Platform 2.4 For Rhel 8,Red Hat Ansible Automation Platform 2.4 For Rhel 9",7.3,HIGH,0.0015200000489130616,false,,false,false,true,2023-10-20T18:11:22.000Z,true,false,false,,2023-10-04T15:15:00.000Z,0