from 0, < 1.6.4
from 0, < 5429b85b9f6c2e640074176f36ff05fd5e4d1916 | from 0, < 1.6.4
CRITICAL9.8Ansible Remote Code Execution
from 0, < 1.5.4
CRITICAL9.8Ansible Remote Code Execution
from 0, < 1.5.4
CRITICAL9.8Ansible Arbitrary Code Execution
from 0, < 1.6.7
CRITICAL9.8Ansible Arbitrary Code Execution
from 0, < 62a1295a3e08cb6c3e9f1b2a1e6e5dcaeab32527 | from 0, < 1.6.7
CRITICAL9.8Ansible Arbitrary Code Execution
from 0, < 62a1295a3e08cb6c3e9f1b2a1e6e5dcaeab32527 | from 0, < 1.6.7
CRITICAL9.8Ansible Arbitrary Code Execution
from 0, < 1.6.7
CRITICAL9.8Ansible Insertion of Sensitive Information into Log File vulnerability
>= 2.4.0.0, < 2.4.1.0, >= 2.3.0.0, < 2.3.3.0
CRITICAL9.8Ansible Insertion of Sensitive Information into Log File vulnerability
>= 2.4.0.0, < 2.4.1.0
CRITICAL9.8ansible - security update
>= 2.3.0.0, < 2.3.1.0
CRITICAL9.8ansible - security update
from 0, < ed56f51f185a1ffd7ea57130d260098686fcc7c2 | from 0, < 2.3.1.0, >= 2.3.2.0, < 2.4.0.0
CRITICAL9.1Ansible fails to properly sanitize fact variables sent from the Ansible controller
from 0, < 2.2.0.0
CRITICAL9.1Ansible fails to properly sanitize fact variables sent from the Ansible controller
from 0, < 2.2.0.0
HIGH8.8Ansible Arbitrary Code Execution
from 0, < 1.6.6
HIGH8.8Ansible Arbitrary Code Execution
from 0, < 8ed6350e65c82292a631f08845dfaacffe7f07f5 | from 0, < 1.6.6
HIGH8.1Ansible is vulnerable to an improper input validation in Ansible's handling of data sent from client systems
from 0, < 2.1.4.0
HIGH8.1Ansible is vulnerable to an improper input validation in Ansible's handling of data sent from client systems
from 0, < 2.1.4.0, >= 2.2.0.0, < 2.2.1.0
HIGH8.0Ansible Arbitrary Code Execution
from 0, < 2.3.0.0
HIGH8.0Ansible Arbitrary Code Execution
from 0, < 2.2.3.0
HIGH7.8ansible - security update
from 0, < 2.6.20, >= 2.7.0, < 2.7.14, >= 2.8.0, < 2.8.6
HIGH7.8ansible - security update
from 0, < 2.6.20
HIGH7.8Ansible Sandbox Escape via Symlink Attack
from 0, < 1.9.2
HIGH7.8Ansible Sandbox Escape via Symlink Attack
from 0, < ca2f2c4ebd7b5e097eab0a710f79c1f63badf95b, < 952166f48eb0f5797b75b160fd156bbe1e8fc647 | from 0, < 1.9.2
HIGH7.8ansible - security update
>= 2.7, < 2.7.1, >= 2.6, < 2.6.7, from 0, < 2.5.11
HIGH7.8ansible - security update
>= 2.7.0a1, < 2.7.1
HIGH7.8Ansible Arbitrary Code Execution
from 0, < 2.4.6.0
HIGH7.8Ansible Arbitrary Code Execution
>= 2.5, < 2.5.6, >= 2.4, < 2.4.6.0, >= 2.6, < 2.6.1
HIGH7.8Ansible Improper Input Validation vulnerability
from 0, < 2.4.6.0, >= 2.5, < 2.5.6, >= 2.6, < 2.6.1
HIGH7.8Ansible Improper Input Validation vulnerability
from 0, < 2.4.6.0
HIGH7.8Path Traversal in Ansible
>= 2.8.0a1, < 2.8.9
HIGH7.8Path Traversal in Ansible
from 0, < 2.7.17, >= 2.8.0, < 2.8.9, >= 2.9.0, < 2.9.6
HIGH7.8Link Following in ansible
from 0, < 2.0.2.0
HIGH7.8Link Following in ansible
>= 2.0.0.0, < 2.0.2.0
HIGH7.5Ansible leaks password to logs
>= 2.5.0, < 7.0.0
HIGH7.5Ansible Exposes Sensitive Information
from 0, < 2.9.19
HIGH7.5Ansible Exposes Sensitive Information
>= 2.10.0a1, < 2.10.6rc1
HIGH7.5Ansible unsafe evaluation of some strings
from 0, < 1.5.4
HIGH7.5Ansible unsafe evaluation of some strings
from 0, < 1.5.4
HIGH7.5ansible - security update
from 0, < 1.9.2
HIGH7.5ansible - security update
from 0, < 1.9.2
HIGH7.5Ansible apt_key module does not properly verify key fingerprint
from 0, < 2.2.0.0
HIGH7.5Ansible apt_key module does not properly verify key fingerprint
from 0, < 2.2.0.0
HIGH7.4OS Command Injection in ansible
from 0, < 2.7.17
HIGH7.4OS Command Injection in ansible
>= 2.10.0a1, < 2.10.0rc1
HIGH7.4Ansible fails to cache SSH host keys
from 0, < 1.2.1
HIGH7.4Ansible fails to cache SSH host keys
from 0, < 1.2.1
HIGH7.3OS Command Injection and Improper Input Validation in ansible
from 0, < 2.7.15, >= 2.8.0, < 2.8.7, >= 2.9.0, < 2.9.2
HIGH7.3OS Command Injection and Improper Input Validation in ansible
from 0, < 2.7.16
HIGH7.1Improper Input Validation and Command Injection in Ansible
from 0, < 2.9.23rc1
HIGH7.1Improper Input Validation and Command Injection in Ansible
from 0, < 2.9.23
HIGH7.1Improper Verification of Cryptographic Signature in ansible
>= 2.8.0a1, < 2.8.15
HIGH7.1Improper Verification of Cryptographic Signature in ansible
>= 2.8.0, < 2.8.16rc1, >= 2.9.0, < 2.9.14rc1
HIGH7.1Code Injection, Race Condition, and Execution with Unnecessary Privileges in Ansible
>= 2.7.0a1, < 2.7.17
HIGH7.1Code Injection, Race Condition, and Execution with Unnecessary Privileges in Ansible
>= 2.7.0, < 2.7.17, >= 2.8.0, < 2.8.9, >= 2.9.0, < 2.9.6
MEDIUM6.5Ansible password prompts could expose passwords
>= 2.6.0, < 2.6.20, >= 2.7.0, < 2.7.14, >= 2.8.0, < 2.8.6
MEDIUM6.5Ansible password prompts could expose passwords
>= 2.8.0, < 2.8.6
MEDIUM6.5ansible - security update
>= 2.6.0, < 2.6.19, >= 2.7.0, < 2.7.13, >= 2.8.0, < 2.8.4
MEDIUM6.5ansible - security update
>= 2.8.0, < 2.8.4
MEDIUM6.5Exposure of Sensitive Information to an Unauthorized Actor in ansible
>= 2.8.0, < 2.8.4
MEDIUM6.5Exposure of Sensitive Information to an Unauthorized Actor in ansible
>= 2.8.0a1, < 2.8.4
MEDIUM6.5Inclusion of Sensitive Information in Log Files and Improper Output Neutralization for Logs in Ansible
>= 2.7.0, < 2.7.15, >= 2.8.0, < 2.8.7, >= 2.9.0, < 2.9.1
MEDIUM6.5Inclusion of Sensitive Information in Log Files and Improper Output Neutralization for Logs in Ansible
>= 2.7.0a1, < 2.7.15
MEDIUM6.3Ansible symlink attack vulnerability
from 0, < 8.5.0
MEDIUM6.2Ansible Arbitrary File Overwrite Vulnerability
>= 1.2.0, < 1.2.3
MEDIUM6.2Ansible Arbitrary File Overwrite Vulnerability
>= 1.2, < 1.2.3
MEDIUM5.9ansible - security update
>= 2.5.0a1, < 2.5.5
MEDIUM5.9ansible - security update
>= 2.5, < 2.5.5, >= 2.4, < 2.4.5.0
MEDIUM5.6Externally Controlled Reference to a Resource in Another Sphere, Improper Input Validation, and External Control of File Name or Path in Ansible
>= 2.7.0, < 2.7.16, >= 2.8.0, < 2.8.8, >= 2.9.0, < 2.9.3
MEDIUM5.6Externally Controlled Reference to a Resource in Another Sphere, Improper Input Validation, and External Control of File Name or Path in Ansible
>= 2.7.0a1, < 2.7.16
MEDIUM5.5Ansible Community General Collection is vulnerable to exposure of sensitive information
from 0, < 12.2.0
MEDIUM5.5Ansible leaks sensitive information to logs when told not to
>= 2.0, < 2.8.1
MEDIUM5.5Ansible leaks sensitive information to logs when told not to
>= 2.9.0a1, < 2.9.0rc4
MEDIUM5.5Ansible Sensitive Files Are Locally Readable
from 0, < 1.5.5
MEDIUM5.5Ansible sets unsafe permissions for sources.list
from 0, < 1.5.5
MEDIUM5.5Ansible Sensitive Files Are Locally Readable
from 0, < 1.5.5
MEDIUM5.5Ansible discloses credential information
from 0, < c4b5e46054c74176b2446c82d4df1a2610eddc08 | from 0, < 1.5.5
MEDIUM5.5Ansible discloses credential information
from 0, < 1.5.5
MEDIUM5.5Ansible sets unsafe permissions for sources.list
from 0, < 1.5.5
MEDIUM5.5Insertion of Sensitive Information into Log File in ansible
>= 2.8.0a1, < 2.8.19
MEDIUM5.5Ansible discloses sensitive information in traceback error message
from 0, < fe28767970c8ec62aabe493c46b53a5de1e5fac0 | from 0, < 2.9.27
MEDIUM5.5Ansible discloses sensitive information in traceback error message
from 0, < 2.9.27
MEDIUM5.5Improper Output Neutralization and Improper Encoding or Escaping of Output for Logs in ansible
from 0, < 2.10.0
MEDIUM5.5Improper Output Neutralization and Improper Encoding or Escaping of Output for Logs in ansible
from 0, < 2.10.0
MEDIUM5.5Insertion of Sensitive Information into Log File and Improper Output Neutralization for Logs in ansible
from 0, < 2.8.14
MEDIUM5.5Insertion of Sensitive Information into Log File and Improper Output Neutralization for Logs in ansible
>= 2.8.0, < 2.8.14, >= 2.9.0, < 2.9.12
MEDIUM5.5Insertion of Sensitive Information into Log File in ansible
from 0, < 2.9.18
MEDIUM5.5Insertion of Sensitive Information into Log File in ansible
from 0, < 2.9.18
MEDIUM5.5Insertion of Sensitive Information into Log File in ansible
from 0, < 2.8.19, >= 2.9.0, < 2.9.18, >= 2.10.0, < 2.10.7
MEDIUM5.5Insertion of Sensitive Information into Log File in ansible
>= 2.9.0a1, < 2.9.18rc1
MEDIUM5.5Exposure of Resource to Wrong Sphere and Insecure Temporary File in Ansible
>= 2.7.0, < 2.7.17, >= 2.8.0, < 2.8.11, >= 2.9.0, < 2.9.7
MEDIUM5.5Exposure of Resource to Wrong Sphere and Insecure Temporary File in Ansible
>= 2.7.0a1, < 2.7.17
MEDIUM5.5Insertion of Sensitive Information into Log File, Invocation of Process Using Visible Sensitive Information, and Exposure of Sensitive Information to an Unauthorized Actor in Ansible
>= 2.7.0a1, < 2.7.18
MEDIUM5.5Insertion of Sensitive Information into Log File, Invocation of Process Using Visible Sensitive Information, and Exposure of Sensitive Information to an Unauthorized Actor in Ansible
from 0, < 2.7.18, >= 2.8.0, < 2.8.11, >= 2.9.0, < 2.9.7
MEDIUM5.5A flaw was found in several ansible modules, where parameters containing credentials, such as secrets, were being logged in plain-text on m…
from 0, < 1.2.2
MEDIUM5.4ansible - security update
from 0, < 2.6.18
MEDIUM5.4ansible - security update
from 0, < 2.6.18, >= 2.7.0, < 2.7.12, >= 2.8.0, < 2.8.2
MEDIUM5.3Ansible sensitive information disclosure
>= 2.5.0, < 2.5.14, >= 2.6.0, < 2.6.11, >= 2.7.0, < 2.7.5
MEDIUM5.3Ansible sensitive information disclosure
from 0, < 2.5.14
MEDIUM5.2Path Traversal in Ansible
>= 2.9.0, < 2.9.7
MEDIUM5.2Path Traversal in Ansible
>= 2.9.0a1, < 2.9.7
MEDIUM5.0Ansible does not collect garbage after playbook run
from 0, < 2.10.1
MEDIUM5.0Ansible does not collect garbage after playbook run
from 0, < 2.10.1
MEDIUM5.0Exposure of Resource to Wrong Sphere and Insecure Temporary File in Ansible
>= 2.7.0, < 2.8.0a1, >= 2.8.0, < 2.8.13, >= 2.9.0, < 2.9.10
MEDIUM5.0Exposure of Resource to Wrong Sphere and Insecure Temporary File in Ansible
>= 2.10.0a1, < 2.10.0rc1
MEDIUM5.0Insufficiently random values in Ansible
from 0, < 2.9.6
MEDIUM5.0Insufficiently random values in Ansible
from 0, < 2.9.6
MEDIUM5.0Ansible vulnerable to Exposure of Resource to Wrong Sphere and Insecure Temporary File
from 0, < 2.7.17, >= 2.8.0, < 2.8.8, >= 2.9.0, < 2.9.6
MEDIUM5.0Ansible vulnerable to Exposure of Resource to Wrong Sphere and Insecure Temporary File
from 0, < 2.7.17
MEDIUM5.0Exposure of Sensitive Information to an Unauthorized Actor in ansible
>= 2.8.0a1, < 2.8.11
MEDIUM5.0Exposure of Sensitive Information to an Unauthorized Actor in ansible
>= 2.7.0, < 2.7.17, >= 2.8.0, < 2.8.11, >= 2.9.0, < 2.9.7
MEDIUM4.9Improper Input Validation in ansible
from 0, < 2.2.1.0
MEDIUM4.9Improper Input Validation in ansible
from 0, < 2.2.1.0
MEDIUM4.7Exposure of Sensitive Information to an Unauthorized Actor and Insecure Temporary File in Ansible
from 0, < 2.7.17
MEDIUM4.7Exposure of Sensitive Information to an Unauthorized Actor and Insecure Temporary File in Ansible
from 0, < 2.7.17, >= 2.8.0, < 2.8.9, >= 2.9.0, < 2.9.6
MEDIUM4.6Path Traversal in Ansible
from 0, < 2.7.17, >= 2.8.0, < 2.8.9, >= 2.9.0, < 2.9.6
MEDIUM4.6Path Traversal in Ansible
>= 2.7.0a1, < 2.7.18
MEDIUM4.4Ansible Logs Passwords If PowerShell ScriptBlock is Enabled
>= 2.7.0, < 2.7.4, >= 2.7.5, < 2.8.1, from 0, < 2.5.13, >= 2.6.0, < 2.6.10
MEDIUM4.4Ansible Logs Passwords If PowerShell ScriptBlock is Enabled
>= 2.7.0a1, < 2.7.3
MEDIUM4.2Ansible Path Traversal vulnerability
>= 2.5.0, < 2.5.15, >= 2.6.0, < 2.6.14, >= 2.7.0, < 2.7.8
MEDIUM4.2Ansible Path Traversal vulnerability
from 0, < 2.5.15
MEDIUM4.0Ansible uses a socket with predictable filename in /tmp
from 0, < 1.2.3
MEDIUM4.0Ansible uses a socket with predictable filename in /tmp
from 0, < 1.2.3
LOW3.9Argument Injection in Ansible
from 0, <= 2.7.16
LOW3.9Argument Injection in Ansible
from 0, < 2.7.17, >= 2.8.0, < 2.8.9, >= 2.9.0, < 2.9.6
LOW3.9Exposure of Sensitive Information to an Unauthorized Actor in Ansible
from 0, < 2.7.17
LOW3.9Exposure of Sensitive Information to an Unauthorized Actor in Ansible
from 0, < 2.7.17, >= 2.8.0, < 2.8.9, >= 2.9.0, < 2.9.6
LOW3.3Incorrect Permission Assignment for Critical Resource in Ansible
from 0, < 2.7.17, >= 2.8.0, < 2.8.9, >= 2.9.0, < 2.9.6
LOW3.3Incorrect Permission Assignment for Critical Resource in Ansible
>= 2.7.0, <= 2.10.0
—A flaw was found in Ansible if an ansible user sets ANSIBLE_ASYNC_DIR to a subdirectory of a world writable directory.
from 0, < 3.0.0