Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Ansible Semaphore Security Vulnerabilities

cve
cve

CVE-2022-3697

A flaw was found in Ansible in the amazon.aws collection when using the tower_callback parameter from the amazon.aws.ec2_instance module. This flaw allows an attacker to take advantage of this issue as the module is handling the parameter insecurely, leading to the password leaking in the logs.

7.5CVSS

7.2AI Score

0.002EPSS

2022-10-28 04:15 PM
178
4
cve
cve

CVE-2023-28609

api/auth.go in Ansible Semaphore before 2.8.89 mishandles authentication.

9.8CVSS

9.3AI Score

0.002EPSS

2023-03-18 09:15 PM
74
cve
cve

CVE-2023-39059

An issue in ansible semaphore v.2.8.90 allows a remote attacker to execute arbitrary code via a crafted payload to the extra variables parameter.

8.8CVSS

8.8AI Score

0.002EPSS

2023-08-28 10:15 PM
36