CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

301 matches found

AstraLinux•added 2026/06/19 11:10 a.m.•3 views

Astra Linux – Vulnerability in Ansible

A flaw was discovered in Ansible Engine, in ansible-engine 2.8.x before 2.8.15, and ansible-engine 2.9.x before 2.9.13, when installing packages using the dnf module. GPG signatures are ignored during installation, even when the disablegpgcheck parameter is set to False—which is the default...

7.1CVSS8.1AI score0.00233EPSS

Exploits0References2

AstraLinux•added 2026/06/19 11:10 a.m.•5 views

Astra Linux – Vulnerability in Ansible

A flaw was discovered in Ansible Engine, affecting versions 2.7.x before 2.7.17, 2.8.x before 2.8.11, 2.9.x before 2.9.7, as well as Ansible Tower in versions 3.4.5, 3.5.5, and 3.6.3. This issue occurs when using modules that decrypt vault files, such as assemble, script, unarchive, wincopy, awss...

5.5CVSS6.7AI score0.00376EPSS

Exploits0References2

AstraLinux•added 2026/06/19 11:10 a.m.•4 views

Astra Linux – Vulnerability in Ansible

A flaw was discovered in Ansible Engine. This flaw occurs in all versions of Ansible Engine from 2.7.x, 2.8.x, and 2.9.x, as of 2.7.17, 2.8.9, and 2.9.6, respectively. The issue arises when using ansiblefacts as a subkey of itself and promoting it to a variable when inject is enabled. After the...

7.9CVSS7.1AI score0.00345EPSS

Exploits0References1

AstraLinux•added 2026/06/19 11:10 a.m.•8 views

Astra Linux – Vulnerability in Ansible

In Ansible, all Ansible Engine versions up to ansible-engine 2.8.5, ansible-engine 2.7.13, and ansible-engine 2.6.19 were logging at the DEBUG level. This led to the disclosure of credentials if a plugin used a library that logged credentials at the DEBUG level. This flaw does not affect Ansible...

7.8CVSS6.3AI score0.00509EPSS

Exploits0References1

AstraLinux•added 2026/05/20 5:53 a.m.•2 views

Astra Linux - уязвимость в ansible

A race condition flaw was discovered in Ansible Engine 2.7.17 and earlier versions, as well as 2.8.9 and earlier, and 2.9.6 and earlier. This issue occurs when running a playbook with an unprivileged “become user” command. When Ansible needs to execute a module with the “become user” command, a...

5CVSS6.9AI score0.004EPSS

Exploits1References2

AstraLinux•added 2026/05/20 5:53 a.m.•4 views

Astra Linux - уязвимость в ansible

A security flaw was discovered in Ansible Engine. This flaw occurs in Ansible 2.7.x versions prior to 2.7.17, Ansible 2.8.x versions prior to 2.8.11, and Ansible 2.9.x versions prior to 2.9.7 when managing Kubernetes using the k8s module. Sensitive parameters such as passwords and tokens are pass...

5.5CVSS6.7AI score0.00506EPSS

Exploits1References2

AstraLinux•added 2026/05/03 11:59 p.m.•3 views

Astra Linux – Vulnerability in Ansible

A flaw was discovered in the ansible-connection module of Ansible Engine, where sensitive information such as Ansible user credentials is disclosed by default in the traceback error message. The greatest threat posed by this vulnerability is related to confidentiality...

5.5CVSS6.7AI score0.00384EPSS

Exploits0References2

AstraLinux•added 2026/05/03 11:59 p.m.•5 views

Astra Linux – Vulnerability in Ansible

A flaw was discovered in Ansible Engine 2.9.18, where sensitive information is not masked by default, and the nolog feature is not protected when using the sub-option feature of the basic.py module. This flaw allows an attacker to obtain sensitive information. The greatest threat posed by this...

7.5CVSS7.4AI score0.02043EPSS

Exploits0References1