Oval Definition:	oval:org.opensuse.security:def:20153908
Revision Date: 2022-06-30 Version: 1 Title: CVE-2015-3908 Description: Ansible before 1.9.2 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. Family: unix Class: vulnerability Status: Reference(s): CVE-2015-3908 Mitre CVE-2015-3908 SUSE CVE-2015-3908 openSUSE-SU-2015:1280-1 openSUSE-SU-2015:1452-1 Platform(s): openSUSE 13.2 openSUSE Tumbleweed SUSE OpenStack Cloud 7 Product(s): Definition Synopsis openSUSE 13.2 is installed AND ansible-1.7.1-2.8.1 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND ansible is affected Definition Synopsis openSUSE Tumbleweed is installed AND ansible-2.2.0.0-1.1 is installed
BACK