The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this issue exists because of an incomplete fix for CVE-2016-10009. Source Definition: CVE-2023-38408 at…
Red Hat Ansible Automation Platform (AAP) or Ansible Tower has become de facto Automation Tool for deploying the Automation projects to automate the System Administration tasks such as configuration management, application deployment, provisioning, orchestration, and continuous delivery. Although AAP and Ansible Tower are designed to run on large scale Infrastructure environment but sometime running complex…
