Aws Community Community Collections vulnerabilities

2 known vulnerabilities affecting aws_community/community_collections.

Total CVEs

2

CISA KEV

0

Public exploits

0

Exploited in wild

0

Severity breakdown

HIGH1MEDIUM1

Vulnerabilities

Page 1 of 1

CVE-2020-25636HIGHCVSS 7.1vfrom 1.0.0 to 1.2.02020-10-05

CVE-2020-25636 [HIGH] CWE-377 CVE-2020-25636: A flaw was found in Ansible Base when using the aws_ssm connection plugin as there is no namespace s A flaw was found in Ansible Base when using the aws_ssm connection plugin as there is no namespace separation for file transfers. Files are written directly to the root bucket, making possible to have collisions when running multiple ansible processes. This issue affects mainly the service availability.

CVE-2020-25635MEDIUMCVSS 5.5vfrom 1.0.0 to 1.2.02020-10-05

CVE-2020-25635 [MEDIUM] CWE-212 CVE-2020-25635: A flaw was found in Ansible Base when using the aws_ssm connection plugin as garbage collector is no A flaw was found in Ansible Base when using the aws_ssm connection plugin as garbage collector is not happening after playbook run is completed. Files would remain in the bucket exposing the data. This issue affects directly data confidentiality.