Search CVE reports
21 – 30 of 87 results
Some fixes available 2 of 15
A flaw was found in Ansible Engine's ansible-connection module, where sensitive information such as the Ansible user credentials is disclosed by default in the traceback error message. The highest threat from this vulnerability is...
3 affected packages
ansible, ansible-base, ansible-core
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| ansible | Vulnerable | Vulnerable | Fixed | Fixed | Not affected |
| ansible-base | Not in release | Not in release | Not in release | Not in release | Not in release |
| ansible-core | Not affected | Not affected | Not affected | Not in release | Not in release |
Some fixes available 4 of 17
A flaw was found in Ansible, where a user's controller is vulnerable to template injection. This issue can occur through facts used in the template if the user is trying to put templates in multi-line YAML strings and the facts...
3 affected packages
ansible, ansible-base, ansible-core
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| ansible | Vulnerable | Vulnerable | Fixed | Fixed | Fixed |
| ansible-base | Not in release | Not in release | Not in release | Not in release | Not in release |
| ansible-core | Not affected | Not affected | Not affected | Not in release | Not in release |
Rejected reason: This vulnerability does not meet the criteria for a security vulnerability
3 affected packages
ansible, ansible-base, ansible-core
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| ansible | — | — | Vulnerable | Vulnerable | Vulnerable |
| ansible-base | — | — | Not in release | Not in release | Not in release |
| ansible-core | — | — | Not affected | Not in release | Not in release |
Rejected reason: This CVE is marked as INVALID and not a bug
3 affected packages
ansible, ansible-base, ansible-core
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| ansible | — | — | Vulnerable | Vulnerable | Vulnerable |
| ansible-base | — | — | Not in release | Not in release | Not in release |
| ansible-core | — | — | Not affected | Not in release | Not in release |
Some fixes available 2 of 3
A flaw was found in the use of insufficiently random values in Ansible. Two random password lookups of the same length generate the equal value as the template caching action for the same file since no re-evaluation happens. The...
1 affected package
ansible
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| ansible | — | Not affected | Not affected | Not affected | Fixed |
A flaw was found in ansible. Credentials, such as secrets, are being disclosed in console log by default and not protected by no_log feature when using those modules. An attacker can take advantage of this information to steal...
1 affected package
ansible
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| ansible | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucket_pipeline_variable module. This flaw allows an attacker to steal...
1 affected package
ansible
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| ansible | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
A flaw was found in the Ansible Engine 2.9.18, where sensitive info is not masked by default and is not protected by the no_log feature when using the sub-option feature of the basic.py module. This flaw allows an attacker...
1 affected package
ansible
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| ansible | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
A flaw was found in several ansible modules, where parameters containing credentials, such as secrets, were being logged in plain-text on managed nodes, as well as being made visible on the controller node when run in verbose...
1 affected package
ansible
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| ansible | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
A flaw was found in Ansible Collection community.crypto. openssl_privatekey_info exposes private key in logs. This directly impacts confidentiality
1 affected package
ansible
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| ansible | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |