Product Research Enterprise Plans Docs

PyPi: Ansible-Doctor

CVE-2024-9902

Transitive

Safety vulnerability ID: 74092

This vulnerability was reviewed by experts

The information on this page was manually curated by our Cybersecurity Intelligence Team.

Created at Nov 06, 2024 Updated at Dec 10, 2024

Scan your Python projects for vulnerabilities →

Advisory

Ansible-doctor 7.0.0 updates its dependency 'ansible-core' to v2.14.18 to include a security fix.

Affected package

ansible-doctor

Latest version: 7.0.1

Generate documentation from annotated Ansible roles using templates.

Affected versions

Fixed versions

Vulnerability changelog

Features

- add to_code filter and enable codeblocks for tabulated vars (784) (4bb11fd)

Bug Fixes

- **deps:** update dependency ansible-core to v2.14.18 [security] (805) (888302e)
- unify value format of tabulated vars (792) (ee2cb21)
- **deps:** update dependency dynaconf to v3.2.6 (741) (48c7073)
- **deps:** update dependency structlog to v24.4.0 (740) (266e947)

Others

- **deps:** update python docker tag to v3.13 (791) (5a3d733)
- **deps:** update docker.io/library/python docker tag to v3.13 (790) (b79a51e)
- **deps:** update dependency thegeeklab/hugo-geekdoc to v1.2.1 (802) (e909e50)
- **deps:** update dependency ruff to v0.7.2 (801) (cdacf56)
- **deps:** update dependency pytest-cov to v6 (800) (66de803)
- **deps:** update quay.io/thegeeklab/hugo docker tag to v0.136.5 (798) (885af6e)
- **deps:** lock file maintenance (793) (2f0ad84)
- **deps:** update dependency ruff to v0.7.1 (799) (14da079)
- **deps:** update dependency ruff to v0.7.0 (795) (9c77a76)
- **docker:** update python:3.12-alpine docker digest to 38e179a (794) (0d5c516)
- **deps:** lock file maintenance (788) (56864c1)
- **deps:** update dependency thegeeklab/hugo-geekdoc to v1.1.0 (787) (a581a7e)
- **deps:** update dependency ruff to v0.6.9 (786) (e28cf48)
- **deps:** lock file maintenance (779) (bc39d9f)
- **docker:** update python:3.12-alpine docker digest to e75de17 (783) (31c0186)
- **docker:** update python:3.12-alpine docker digest to cf0a168 (782) (c0a7ccd)
- **deps:** update dependency ruff to v0.6.8 (778) (478be48)
- **deps:** lock file maintenance (777) (f62ddc8)
- **deps:** update dependency ruff to v0.6.7 (776) (c163d34)
- **deps:** bump cryptography from 42.0.8 to 43.0.1 (775) (863f4db)
- **deps:** lock file maintenance (774) (36e6adc)
- **deps:** update devdeps non-major (773) (2d42158)
- **docker:** update python:3.12-alpine docker digest to 7130f75 (772) (58fa1ef)
- **docker:** update python:3.12-alpine docker digest to 7593fc6 (771) (21c9619)
- **deps:** update quay.io/thegeeklab/hugo docker tag to v0.133.0 (759) (5f33817)
- **deps:** lock file maintenance (743) (5a2534c)
- **deps:** update dependency thegeeklab/hugo-geekdoc to v1 (761) (ed951f4)
- **docker:** update python:3.12-alpine docker digest to e0e4d3d (770) (f3763ea)
- **docker:** update python:3.12-alpine docker digest to 98a1fdb (769) (b594c4c)
- **deps:** update dependency ruff to v0.6.4 (767) (6fa2c73)
- **docker:** update python:3.12-alpine docker digest to bb5d0ac (766) (f7ba5d0)
- **docker:** update python:3.12-alpine docker digest to 4dae8a3 (765) (989bb18)
- **docker:** update python:3.12-alpine docker digest to aeff643 (764) (0a3c83c)
- **deps:** update dependency ruff to v0.6.3 (762) (d8218b2)
- **deps:** update dependency ruff to v0.6.2 (760) (2ad04db)
- **deps:** update dependency ruff to v0.6.1 (758) (cd8e9bb)
- **deps:** update dependency ruff to v0.5.7 (755) (e19647a)
- **docker:** update python:3.12-alpine docker digest to c2f41e6 (754) (b41437d)
- **docker:** update python:3.12-alpine docker digest to d25c94a (753) (d086671)
- **docker:** update python:3.12-alpine docker digest to 63094ab (752) (5359e86)
- **deps:** update dependency ruff to v0.5.6 (751) (09a5bb0)
- **docker:** update python:3.12-alpine docker digest to a0c22d8 (750) (3553457)
- **docker:** update python:3.12-alpine docker digest to 2abecb7 (749) (1f911b5)
- **docker:** update python:3.12-alpine docker digest to 7b76f1c (748) (bf1d4ce)
- **deps:** update devdeps non-major (747) (e4b6996)
- **docker:** update python:3.12-alpine docker digest to 7f15e22 (746) (3ba3258)
- **docker:** update python:3.12-alpine docker digest to 0032125 (745) (b8850ef)
- **docker:** update python:3.12-alpine docker digest to dbb264b (744) (5d399c1)
- **deps:** update devdeps non-major (742) (66b216f)
- **deps:** update dependency ruff to v0.5.2 (736) (effa787)
- **deps:** update dependency thegeeklab/hugo-geekdoc to v0.47.0 (737) (4a2825b)
- **docker:** update python:3.12-alpine docker digest to 0bd77ae (735) (c9066fe)
- **docker:** update python:3.12-alpine docker digest to 29d92b7 (734) (0661b4d)
- **deps:** update quay.io/thegeeklab/wp-docker-buildx docker tag to v5 (733) (b34bbda)

CI Pipeline

- add trivy and replace deprecated workflow syntax (797) (68167b5)
- fix notification step (10ea90a)

Breaking Changes

- The support for Python 3.9 was removed.

Resources

Use this package?

Scan your Python project for dependency vulnerabilities in two minutes

Scan your application

Severity Details

CVSS Base Score

MEDIUM 6.3

CVSS v3 Details

MEDIUM 6.3

Attack Vector (AV): LOCAL
Attack Complexity (AC): HIGH
Privileges Required (PR): LOW
User Interaction (UI): REQUIRED
Scope (S): UNCHANGED
Confidentiality Impact (C): HIGH
Integrity Impact (I): HIGH
Availability Availability (A): LOW