Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:redhat:ansible:2.9.24:rc1:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2024-0690 |
An information disclosure flaw was found in ansible-core due to a failure to respect the ANSIBLE_NO_LOG configuration in some scenarios. Information is still included in the output in certain tasks, such as loop items. Depending on the task, this issue may include sensitive information, such as decrypted secret values. Published: February 06, 2024; 7:15:55 AM -0500 |
V3.1: 5.5 MEDIUM V2.0:(not available) |
CVE-2023-5764 |
A template injection flaw was found in Ansible where a user's controller internal templating operations may remove the unsafe designation from template data. This issue could allow an attacker to use a specially crafted file to introduce templating injection when supplying templating data. Published: December 12, 2023; 5:15:22 PM -0500 |
V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2022-3697 |
A flaw was found in Ansible in the amazon.aws collection when using the tower_callback parameter from the amazon.aws.ec2_instance module. This flaw allows an attacker to take advantage of this issue as the module is handling the parameter insecurely, leading to the password leaking in the logs. Published: October 28, 2022; 12:15:16 PM -0400 |
V3.1: 7.5 HIGH V2.0:(not available) |