Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ansible vulnerabilities and exploits
(subscribe to this query)
409
VMScore
CVE-2019-14905
A vulnerability was found in Ansible Engine versions 2.9.x prior to 2.9.3, 2.8.x prior to 2.8.8, 2.7.x prior to 2.7.16 and previous versions, where in Ansible's nxos_file_copy module can be used to copy files to a flash or bootflash on NXOS devices. Malicious code could craf...
Redhat Ansible Engine
Redhat Cloudforms Management Engine 5.0
Redhat Ceph Storage 3.0
Redhat Ansible Tower 3.0.0
Redhat Openstack 13
Fedoraproject Fedora 30
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
356
VMScore
CVE-2020-10716
A flaw was found in Red Hat Satellite's Job Invocation, where the "User Input" entry was not properly restricted to the view. This flaw allows a malicious Satellite user to scan through the Job Invocation, with the ability to search for passwords and other sensitiv...
Redhat Satellite Capsule 6.7
Redhat Satellite 6.7
Theforeman Foreman Ansible
543
VMScore
CVE-2019-14904
A flaw was found in the solaris_zone module from the Ansible Community modules. When setting the name for the zone on the Solaris host, the zone name is checked by listing the process with the 'ps' bare command on the remote machine. An attacker could take advantage of ...
Redhat Ansible
Debian Debian Linux 9.0
Debian Debian Linux 10.0
294
VMScore
CVE-2020-1739
A flaw was found in Ansible 2.7.16 and prior, 2.8.8 and prior, and 2.9.5 and prior when a password is set with the argument "password" of svn module, it is used on svn command line, disclosing to other users within the same node. An attacker could take advantage by read...
Redhat Ansible Tower
Redhat Ansible
Redhat Cloudforms Management Engine 5.0
Redhat Openstack 13
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Debian Debian Linux 8.0
Debian Debian Linux 10.0
170
VMScore
CVE-2020-10685
A flaw was found in Ansible Engine affecting Ansible Engine versions 2.7.x prior to 2.7.17 and 2.8.x prior to 2.8.11 and 2.9.x prior to 2.9.7 as well as Ansible Tower before and including versions 3.4.5 and 3.5.5 and 3.6.3 when using modules which decrypts vault files such as ass...
Redhat Ansible Tower
Redhat Ansible Engine
Redhat Ceph Storage 3.0
Redhat Openstack 10
Redhat Ceph Storage 2.0
Redhat Storage 3.0
Redhat Openstack 13
Redhat Openstack 15
Debian Debian Linux 10.0
329
VMScore
CVE-2020-1733
A race condition flaw was found in Ansible Engine 2.7.17 and prior, 2.8.9 and prior, 2.9.6 and prior when running a playbook with an unprivileged become user. When Ansible needs to run a module with become user, the temporary directory is created in /var/tmp. This directory is cr...
Redhat Cloudforms Management Engine 5.0
Redhat Ansible Tower
Redhat Ansible
Redhat Openstack 13
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Debian Debian Linux 8.0
Debian Debian Linux 10.0
1 Github repository
169
VMScore
CVE-2020-1740
A flaw was found in Ansible Engine when using Ansible Vault for editing encrypted files. When a user executes "ansible-vault edit", another user on the same computer can read the old and new secret, as it is created in a temporary file with mkstemp and the returned file...
Redhat Cloudforms Management Engine 5.0
Redhat Ansible Tower
Redhat Openstack 13
Redhat Ansible
Debian Debian Linux 8.0
Debian Debian Linux 10.0
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Fedoraproject Fedora 32
NA
CVE-2022-2568
A privilege escalation flaw was found in the Ansible Automation Platform. This flaw allows a remote authenticated user with 'change user' permissions to modify the account settings of the superuser account and also remove the superuser privileges.
Redhat Ansible Automation Platform 2.1
Redhat Ansible Automation Platform 2.2
Redhat Ansible Automation Platform 2.0
187
VMScore
CVE-2020-25677
A flaw was found in Ceph-ansible v4.0.41 where it creates an /etc/ceph/iscsi-gateway.conf with insecure default permissions. This flaw allows any user on the system to read sensitive information within this file. The highest threat from this vulnerability is to confidentiality.
Ceph Ceph-ansible 4.0.41
Redhat Ceph Storage 3.0
Redhat Ceph Storage 4.0
356
VMScore
CVE-2019-14856
ansible prior to 2.8.6, 2.7.14, 2.6.20 is vulnerable to a None
Redhat Ansible
Opensuse Backports Sle 15.0
Opensuse Leap 15.1
Redhat Openstack 13
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »