Versions
Redhat Ansible Automation PlatformA flaw was found in ansible-tower where the default installation is vulnerable to job isolation esca…
pip/ansibleInput Validation, Command Injection, Code Injection
redhat/ansibleA flaw was found in several ansible modules, where parameters containing credentials, such as secret…
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
redhat/ansible-towerA flaw was found in ansible tower. Default installations are vulnerable to “Job Isolation” Escapes t…
redhat/ansibleA few different modules leak sensitive data such as secret values. This could lead in disclosing tho…
redhat/ansiblesnmp_facts module in Ansible leaks user authentication such as authKey and privKey. This could lead …
Redhat Ansible TowerThe dnf ansible module is not checking GPG signatures when installing packages. This allows installi…
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
redhat/ansible_towerAnsible Tower automatically associates an alias to a user's email in the API. This means that an att…
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Redhat Ansible TowerOAuth2 refresh tokens do not respect the expiration specified in REFRESH_TOKEN_EXPIRE_SECONDS.
redhat/ansible_towerTower executes a memcached which is accessed via TCP on a domain socket that it is shared amongst co…
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
redhat/ansibleWhen a module uses a file that was encrypted with vault, it doesn not remove the decrypted file in /…
Redhat Ansible TowerA flaw was found in Ansible Engine when the module package or service is used and the parameter 'use…
Redhat Ansible TowerA flaw was found in Ansible Engine when a file is moved using atomic_move primitive as the file mode…
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Redhat AnsibleAnsible, versions 2.9.x before 2.9.1, 2.8.x before 2.8.7 and Ansible versions 2.7.x before 2.7.15, i…
Redhat Ansible TowerA flaw was found in Ansible Tower, versions 3.6.x before 3.6.2, where files in '/var/backup/tower' a…
Redhat Ansible TowerA flaw was found in Ansible Tower, versions 3.6.x before 3.6.2 and 3.5.x before 3.5.4, when /websock…
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Redhat Ansible TowerA flaw was found in Ansible Tower, versions 3.6.x before 3.6.2 and 3.5.x before 3.5.3, where enablin…
redhat/ansible-engineCommand Injection, OS Command Injection, Input Validation
Redhat Ansible TowerA vulnerability was found in Ansible Tower before 3.6.1 where an attacker with low privilege could r…
pip/ansibleWhen a module has an argument_spec with sub parameters marked as no_log, passing an invalid paramete…
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Fedoraproject FedoraIt was found that the superexec operator was available in the internal dictionary in ghostscript bef…
Fedoraproject FedoraThe .forceput (or .forcedef depending on the ghostscript version) is still accessible via DefineReso…
Redhat Ansible TowerAnsible Tower before version 3.3.3 does not set a secure channel as it is using the default insecure…
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Redhat Enterprise LinuxGit before 2.14.5, 2.15.x before 2.15.3, 2.16.x before 2.16.5, 2.17.x before 2.17.2, 2.18.x before 2…
Redhat Ansible TowerA privilege escalation flaw was found in the Ansible Tower. When Tower before 3.0.3 deploys a Postgr…
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.