Search CVE reports


Toggle filters

1 – 3 of 3 results


CVE-2022-2568

Medium priority
Needs evaluation

A privilege escalation flaw was found in the Ansible Automation Platform. This flaw allows a remote authenticated user with ‘change user’ permissions to modify the account settings of the superuser account and also remove...

3 affected packages

ansible, ansible-base, ansible-core

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ansible Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
ansible-base Not in release Not in release Not in release Not in release Not in release
ansible-core Needs evaluation Needs evaluation Not in release Not in release Not in release
Show less packages

CVE-2021-3620

Medium priority

Some fixes available 2 of 12

A flaw was found in Ansible Engine’s ansible-connection module, where sensitive information such as the Ansible user credentials is disclosed by default in the traceback error message. The highest threat from this vulnerability is...

3 affected packages

ansible, ansible-base, ansible-core

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ansible Vulnerable Fixed Fixed Not affected Not affected
ansible-base Not in release Not in release Not in release Not in release Ignored
ansible-core Not affected Not affected Not in release Not in release Ignored
Show less packages

CVE-2021-3583

Medium priority

Some fixes available 4 of 14

A flaw was found in Ansible, where a user’s controller is vulnerable to template injection. This issue can occur through facts used in the template if the user is trying to put templates in multi-line YAML strings and the facts...

3 affected packages

ansible, ansible-base, ansible-core

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ansible Vulnerable Fixed Fixed Fixed Fixed
ansible-base Not in release Not in release Not in release Not in release Ignored
ansible-core Not affected Not affected Not in release Not in release Ignored
Show less packages