Skip to main content

Ansible Developer

6 CVEs product

Monthly

CVE-2024-10033 MEDIUM This Month

A vulnerability was found in aap-gateway. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Ansible Automation Platform Ansible Developer Ansible Inside
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2024-0690 PyPI MEDIUM PATCH This Month

An information disclosure flaw was found in ansible-core due to a failure to respect the ANSIBLE_NO_LOG configuration in some scenarios. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Ansible Enterprise Linux Ansible Automation Platform Ansible Developer +2
NVD GitHub
CVSS 3.1
5.5
EPSS
0.3%
CVE-2023-5115 PyPI MEDIUM PATCH This Month

An absolute path traversal attack exists in the Ansible automation platform. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Ansible Automation Platform Ansible Inside Ansible Developer Debian Linux
NVD
CVSS 3.1
6.3
EPSS
0.9%
CVE-2023-5764 PyPI HIGH PATCH This Week

A template injection flaw was found in Ansible where a user's controller internal templating operations may remove the unsafe designation from template data. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Code Injection Ssti Ansible Extra Packages For Enterprise Linux Fedora +3
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2023-4380 MEDIUM This Month

A logic flaw exists in Ansible Automation platform. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Ansible Automation Platform Ansible Developer Ansible Inside
NVD
CVSS 3.1
6.3
EPSS
0.5%
CVE-2023-3971 MEDIUM This Month

An HTML injection flaw was found in Controller in the user interface settings. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Ansible Automation Controller Ansible Automation Platform Ansible Developer Ansible Inside
NVD
CVSS 3.1
5.4
EPSS
0.7%
EPSS 0% CVSS 6.1
MEDIUM This Month

A vulnerability was found in aap-gateway. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Ansible Automation Platform Ansible Developer +1
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

An information disclosure flaw was found in ansible-core due to a failure to respect the ANSIBLE_NO_LOG configuration in some scenarios. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Ansible Enterprise Linux +4
NVD GitHub
EPSS 1% CVSS 6.3
MEDIUM PATCH This Month

An absolute path traversal attack exists in the Ansible automation platform. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Ansible Automation Platform Ansible Inside +2
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

A template injection flaw was found in Ansible where a user's controller internal templating operations may remove the unsafe designation from template data. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Code Injection Ssti Ansible +5
NVD
EPSS 1% CVSS 6.3
MEDIUM This Month

A logic flaw exists in Ansible Automation platform. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Ansible Automation Platform Ansible Developer +1
NVD
EPSS 1% CVSS 5.4
MEDIUM This Month

An HTML injection flaw was found in Controller in the user interface settings. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Ansible Automation Controller Ansible Automation Platform +2
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy