22 matches found
CLSA-2025-1748451788 Fix CVE(s): CVE-2021-3583
SECURITY UPDATE: template Injection Vulnerability - debian/patches/CVE-2021-3583.patch: fix unsafe preservation across newlines to ensure always having unsafe - CVE-2021-3583...
Debian dla-3695 : ansible - security update
The remote Debian 11 host has a package installed that is affected by a vulnerability as referenced in the dla-3695 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3695-2 [email protected] https://www.debian.org/lts/security/...
Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to multiple Operator package issues
Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to multiple Operator package issues. IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data has migrated to a new base image for the Operators used by our Speech Services. The following vulnerabilities...
Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM / 22.04 ESM : Ansible vulnerabilities (USN-5315-1)
The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM / 22.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5315-1 advisory. It was discovered that Ansible did not properly manage directory permissions when running playbooks with an...
Amazon Linux 2 : ansible (ALASANSIBLE2-2023-001)
The version of ansible installed on the remote host is prior to 2.9.23-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2ANSIBLE2-2023-001 advisory. A flaw was found in Ansible, where a user's controller is vulnerable to template injection. This issue can occur through...
Ubuntu: Security Advisory (USN-5315-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to injection attacks in Ansible (CVE-2021-3583).
Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to attacks in Ansible, caused by template injection in the user's controller CVE-2021-3583. Attackers could exploit this vulnerability to execute arbitrary commands on the system. Ansible is included in some of...
SUSE: Security Advisory (SUSE-SU-2022:3178-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE: Security Advisory for Important (SUSE-SU-2022:3178-1)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
SUSE SLES15: ansible / ansible-doc / ansible-test / dracut-saltboot / etc (SUSE-SU-2022:3178-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3178-1 advisory. ansible: - Update to version 2.9.27 jscSLE-23631, jscSLE-24133 CVE-2021-3620 ansible-connection module discloses...
CVE-2021-3583 affecting package ansible for versions less than 2.12.1-1
CVE-2021-3583 affecting package ansible for versions less than 2.12.1-1. An upgraded version of the package is available that resolves this issue...
Security Bulletin: Ansible vulnerability affects IBM Elastic Storage System (CVE-2021-3583)
Summary IBM Elastic Storage System is shipped with ansible, for which a fix is available for a security vulnerability. Vulnerability Details CVEID: CVE-2021-3583 DESCRIPTION: Ansible could allow a local authenticated attacker to execute arbitrary commands on the system, caused by template injecti...
Mageia: Security Advisory (MGASA-2021-0420)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2021-3583 affecting package ansible 2.9.18-1
CVE-2021-3583 affecting package ansible 2.9.18-1. An upgraded version of the package is available that resolves this issue...
Updated ansible packages fix security vulnerability
A flaw was found in several ansible modules, where parameters containing credentials, such as secrets, were being logged in plain-text on managed nodes, as well as being made visible on the controller node when run in verbose mode. These parameters were not protected by the nolog feature. An...
CVE-2021-3583
creationtimestamp| type| source ---|---|--- 2021-09-22 16:28:48+00:00| seen| https://t.me/cibsecurity/29222 2026-06-24 01:12:57+00:00| seen| https://gist.github.com/tu-trinh-scale/72a74bde08d85f790582e21a6d660727 2026-06-24 01:12:57+00:00| seen|...
CVE-2021-3583
CVE-2021-3583 affects Ansible. A flaw allows template injection via facts used in templates when multi-line YAML strings contain templates, enabling command injection and disclosure of sensitive information. Affected: Ansible controller/template processing. Root cause: improper handling of templa...
Important: Red Hat Security Advisory: Ansible security and bug fix update (2.9.23)
An update for ansible is now available for Ansible Engine 2 Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links...
Important: Red Hat Security Advisory: Ansible security and bug fix update (2.9.23)
An update for ansible is now available for Ansible Engine 2.9 Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE lin...
RHEL 7 / 8 : Ansible security update (2.9.23) (Important) (RHSA-2021:2664)
The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:2664 advisory. Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and do...