27 matches found
Astra Linux – Vulnerability in Ansible
A flaw was discovered in Ansible Engine, affecting versions 2.7.x before 2.7.17, 2.8.x before 2.8.11, and 2.9.x before 2.9.7. It also affects Ansible Tower in versions 3.4.5 and 3.5.5, as well as 3.6.3, when the ldapattr and ldapentry community modules are used. This issue exposes the LDAP bind...
Astra Linux – Vulnerability in Ansible
A flaw was discovered in the Ansible Engine when using the moduleargs feature. Tasks executed with the --check-mode option do not properly neutralize sensitive data exposed in the event data. This flaw allows unauthorized users to read this data. The greatest threat posed by this vulnerability is...
Astra Linux – Vulnerability in Ansible
A flaw was identified in the use of insufficiently random values in Ansible. Two random password lookups of the same length result in the generation of the same value as the template caching action for the same file, since no re-evaluation occurs. The greatest risk posed by this vulnerability is...
EUVD-2020-12570
Malware in sbrugna...
EUVD-2018-0010
Malware in sbrugna...
EUVD-2018-0016
Malware in sbrugna...
EUVD-2021-18793
Malware in sbrugna...
EUVD-2017-0004
Malware in sbrugna...
EUVD-2025-21136
Malicious code in bioql PyPI...
EUVD-2024-3182
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2020-1734
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the pipe lookup plugin of ansible. Arbitrary commands can be run, when the pipe lookup plugin uses subprocess.Popen with shell=True, by...
Linux Distros Unpatched Vulnerability : CVE-2024-8775
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in Ansible, where sensitive information stored in Ansible Vault files can be exposed in plaintext during the execution of a playbook. This occu...
CVE-2025-53862
A flaw was found in Ansible. Three API endpoints are accessible and return verbose, unauthenticated responses. This flaw allows a malicious user to access data that may contain important information...
CVE-2025-53862
A flaw was found in Ansible. Three API endpoints are accessible and return verbose, unauthenticated responses. This flaw allows a malicious user to access data that may contain important information...
CVE-2025-53861
A flaw was found in Ansible. Sensitive cookies without security flags over non-encrypted channels can lead to Man-in-the-Middle MitM and Cross-site scripting XSS attacks allowing attackers to read transmitted data...
CVE-2025-53862
CVE-2025-53862 affects Red Hat Ansible. The vulnerability arises from three API endpoints that expose verbose, unauthenticated responses, enabling access to potentially sensitive information. Severity is low (CVSS 3.1: 3.5, ADJACENT access, low privileges, no user interaction). Public references ...
CVE-2025-2877 Event-driven-ansible: exposure inventory passwords in plain text when starting a rulebook activation with verbosity set to debug in eda
A flaw was found in the Ansible Automation Platform's Event-Driven Ansible. In configurations where verbosity is set to "debug", inventory passwords are exposed in plain text when starting a rulebook activation. This issue exists for any "debug" action in a rulebook and also affects Event Streams...
Linux Distros Unpatched Vulnerability : CVE-2016-8614
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in Ansible before version 2.2.0. The aptkey module does not properly verify key fingerprints, allowing remote adversary to create an OpenPGP ke...
Medium: ansible-core
Issue Overview: The upstream bug report describes this issue as follows: A flaw was found in Ansible, where a user's controller is vulnerable to template injection when internal templating operations may errantly remove the unsafe designation from template data. CVE-2023-5764 Affected Packages:...
SUSE CVE-2020-10729
A flaw was found in the use of insufficiently random values in Ansible. Two random password lookups of the same length generate the equal value as the template caching action for the same file since no re-evaluation happens. The highest threat from this vulnerability would be that all passwords a...