Versions
pip/ansible-coreAnsible-core: possible information leak in tasks that ignore ansible_no_log configuration
redhat/ansibleA flaw was found in several ansible modules, where parameters containing credentials, such as secret…
redhat/ansibleA few different modules leak sensitive data such as secret values. This could lead in disclosing tho…
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
redhat/ansibleThe bitbucket_pipeline module leaks sensitive info such as secret values. This could lead in disclos…
redhat/ansiblesnmp_facts module in Ansible leaks user authentication such as authKey and privKey. This could lead …
Redhat AnsibleA flaw was found in Ansible Base when using the aws_ssm connection plugin as garbage collector is no…
Redhat AnsibleA flaw was found in Ansible Base when using the aws_ssm connection plugin as there is no namespace s…
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Redhat Ansible TowerA flaw was found in Ansible Engine when the module package or service is used and the parameter 'use…
Redhat Ansible TowerA flaw was found in Ansible Engine when a file is moved using atomic_move primitive as the file mode…
Redhat AnsibleAnsible before 1.5.5 sets 0644 permissions for sources.list, which might allow local users to obtain…
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Debian Debian LinuxThe safe_eval function in Ansible before 1.6.4 does not properly restrict the code subset, which all…
Redhat AnsibleMultiple argument injection vulnerabilities in Ansible before 1.6.7 allow remote attackers to execut…
Redhat AnsibleAnsible before 1.6.7 does not prevent inventory data with "{{" and "lookup" substrings, and does not…
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Redhat AnsibleAnsible prior to 1.5.4 mishandles the evaluation of some strings.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Redhat AnsibleAnsible, versions 2.9.x before 2.9.1, 2.8.x before 2.8.7 and Ansible versions 2.7.x before 2.7.15, i…
Redhat Ansibleansible before versions 2.8.6, 2.7.14, 2.6.20 is vulnerable to a None
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Redhat AnsibleA flaw was found in Ansible before version 2.2.0. The apt_key module does not properly verify key fi…
Redhat AnsibleIt was discovered that jenkins_plugin module in Ansible exposes passwords with the params attribute …
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
pip/ansibleThe chroot, jail, and zone connection plugins in ansible before 1.9.2 allow local users to escape a …
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Fedoraproject FedoraA vulnerability in lxc_container, ansible module, was found allowing to get root inside the containe…
Redhat AnsibleAnsible before 1.9.2 does not verify that the server hostname matches a domain name in the subject's…
Redhat Ansiblelib/ansible/playbook/__init__.py in Ansible 1.2.x before 1.2.3, when playbook does not run due to an…
Redhat AnsibleAnsible before 1.2.1 makes it easier for remote attackers to conduct man-in-the-middle attacks by le…
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.