Fedora 44 : ansible / ansible-core (2025-2842f20915)

The remote Fedora 44 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2025-2842f20915 advisory. https://fedoraproject.org/wiki/Changes/Ansible13 - Close old CVE bugs - Close bogus Markdown-It CVE bug - Close unactionable ABRT bug Tenable has...

MGASA-2021-0487 Updated ansible packages fix security vulnerability

Do not include params in exception when a call to setoptions fails. Additionally, block the exception that is returned from being displayed to stdout. CVE-2021-3620...

MGASA-2021-0132 Updated ansible packages fix security vulnerability

User data leak in snmpfacts module CVE-2021-20178. The bitbucketpipelinevariable module exposed secured values CVE-2021-20180. Multiple collections exposed secured values CVE-2021-20191. In basic.py, nolog with fallback option CVE-2021-20228. The ansible package has been updated to version 2.9.18...

Updated ansible packages fix security vulnerability

User data leak in snmpfacts module CVE-2021-20178. Multiple collections exposed secured values CVE-2021-20191. In basic.py, nolog with fallback option CVE-2021-20228. The ansible package has been patched to fix these issues...

MGASA-2019-0358 Updated ansible packages fix security vulnerability

Updated ansible package fixes security vulnerability: Splunk and Sumologic callback plugins leak sensitive data in logs CVE-2019-14864...

Debian DLA-1923-1 : ansible security update

Several vulnerabilities were discovered in Ansible, a configuration management, deployment, and task execution system. CVE-2015-3908 A potential man-in-the-middle attack associated with insusfficient X.509 certificate verification. Ansible did not verify that the server hostname matches a domain...

MGASA-2019-0234 Updated ansible packages fix security vulnerability

Updated ansible package fixes security vulnerability: A flaw was discovered in the way Ansible templating was implemented before version 2.7.12, causing the possibility of information disclosure through unexpected variable substitution. By taking advantage of unintended variable substitution the...

MGASA-2019-0114 Updated ansible packages fix security vulnerability

The user module leaked parameters passed to ssh-keygen to the process environment CVE-2018-16837. The fetch module was susceptible to path traversal CVE-2019-3828...

MGASA-2018-0303 Updated ansible packages fix security vulnerability

Ansible prior to 2.4.5 does not honor the nolog task flag for failed tasks. When the nolog flag has been used to protect sensitive data passed to a task from being logged, and that task does not run successfully, Ansible will expose sensitive data in log files and on the terminal of the user...

MGASA-2017-0164 Updated ansible packages fix security vulnerability

It was found that aptkey module does not properly verify key fingerprints, allowing remote adversary to create an OpenPGP key which matches the short key ID and inject this key instead of the correct key CVE-2016-8614. It is reported that in Ansible, under some circumstances the mysqluser module...