Ansible@2.5.0 Security Vulnerabilities and Issues — Ansible@2.5.0 CVE List

Lucene search

RedhatAnsible2.5.0

3 matches found

CVE•added 2019/03/27 1:29 p.m.•275 views

CVE-2019-3828

Ansible fetch module before versions 2.5.15, 2.6.14, 2.7.8 has a path traversal vulnerability which allows copying and overwriting files outside of the specified destination in the local ansible controller host, by not restricting an absolute path.

4.2CVSS4.7AI score0.00039EPSS

CVE•added 2019/01/03 3:29 p.m.•261 views

CVE-2018-16876

ansible before versions 2.5.14, 2.6.11, 2.7.5 is vulnerable to a information disclosure flaw in vvv+ mode with no_log on that can lead to leakage of sensible data.

5.3CVSS5AI score0.01032EPSS

CVE•added 2022/10/28 4:15 p.m.•221 views

CVE-2022-3697

A flaw was found in Ansible in the amazon.aws collection when using the tower_callback parameter from the amazon.aws.ec2_instance module. This flaw allows an attacker to take advantage of this issue as the module is handling the parameter insecurely, leading to the password leaking in the logs.

7.5CVSS7.2AI score0.0011EPSS