| Bug | jessie | stretch | buster | bullseye | bookworm | trixie | sid | Description |
|---|
| CVE-2024-11079 | vulnerable | vulnerable | vulnerable | vulnerable | fixed | fixed | fixed | A flaw was found in Ansible-Core. This vulnerability allows attackers ... |
| CVE-2024-9902 | vulnerable | vulnerable | vulnerable | vulnerable | fixed | fixed | fixed | A flaw was found in Ansible. The ansible-core `user` module can allow ... |
| CVE-2024-8775 | vulnerable | vulnerable | vulnerable | vulnerable | fixed | fixed | fixed | A flaw was found in Ansible, where sensitive information stored in Ans ... |
| CVE-2024-0690 | vulnerable | vulnerable | vulnerable | fixed | fixed | fixed | fixed | An information disclosure flaw was found in ansible-core due to a fail ... |
| CVE-2023-5764 | vulnerable | vulnerable | vulnerable | fixed | fixed | fixed | fixed | A template injection flaw was found in Ansible where a user's controll ... |
| CVE-2023-5115 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | An absolute path traversal attack exists in the Ansible automation pla ... |
| CVE-2023-4567 | unknown | vulnerable | unknown | unknown | unknown | unknown | unknown | |
| CVE-2023-4380 | unknown | vulnerable | unknown | unknown | unknown | unknown | unknown | A logic flaw exists in Ansible Automation platform. Whenever a private ... |
| CVE-2023-4237 | vulnerable | vulnerable | vulnerable (no DSA) | fixed | fixed | fixed | fixed | A flaw was found in the Ansible Automation Platform. When creating a n ... |
| CVE-2022-3697 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | A flaw was found in Ansible in the amazon.aws collection when using th ... |
| CVE-2021-20228 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | A flaw was found in the Ansible Engine 2.9.18, where sensitive info is ... |
| CVE-2021-20191 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | A flaw was found in ansible. Credentials, such as secrets, are being d ... |
| CVE-2021-20178 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | A flaw was found in ansible module where credentials are disclosed in ... |
| CVE-2021-3620 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | A flaw was found in Ansible Engine's ansible-connection module, where ... |
| CVE-2021-3583 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | A flaw was found in Ansible, where a user's controller is vulnerable t ... |
| CVE-2021-3447 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | A flaw was found in several ansible modules, where parameters containi ... |
| CVE-2020-14332 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | A flaw was found in the Ansible Engine when using module_args. Tasks e ... |
| CVE-2020-14330 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | An Improper Output Neutralization for Logs flaw was found in Ansible w ... |
| CVE-2020-10744 | vulnerable | fixed | fixed | fixed | fixed | fixed | fixed | An incomplete fix was found for the fix of the flaw CVE-2020-1733 ansi ... |
| CVE-2020-10729 | fixed | vulnerable | fixed | fixed | fixed | fixed | fixed | A flaw was found in the use of insufficiently random values in Ansible ... |
| CVE-2020-10685 | fixed | vulnerable | fixed | fixed | fixed | fixed | fixed | A flaw was found in Ansible Engine affecting Ansible Engine versions 2 ... |
| CVE-2020-10684 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | A flaw was found in Ansible Engine, all versions 2.7.x, 2.8.x and 2.9. ... |
| CVE-2020-1740 | fixed | vulnerable | fixed | fixed | fixed | fixed | fixed | A flaw was found in Ansible Engine when using Ansible Vault for editin ... |
| CVE-2020-1739 | fixed | vulnerable | fixed | fixed | fixed | fixed | fixed | A flaw was found in Ansible 2.7.16 and prior, 2.8.8 and prior, and 2.9 ... |
| CVE-2020-1735 | fixed | vulnerable | fixed | fixed | fixed | fixed | fixed | A flaw was found in the Ansible Engine when the fetch module is used. ... |
| CVE-2020-1733 | fixed | vulnerable | fixed | fixed | fixed | fixed | fixed | A race condition flaw was found in Ansible Engine 2.7.17 and prior, 2. ... |
| CVE-2019-14905 | fixed | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | fixed | A vulnerability was found in Ansible Engine versions 2.9.x before 2.9. ... |
| CVE-2019-14858 | fixed | fixed | vulnerable (no DSA) | fixed | fixed | fixed | fixed | A vulnerability was found in Ansible engine 2.x up to 2.8 and Ansible ... |
| CVE-2019-10206 | fixed | vulnerable | fixed | fixed | fixed | fixed | fixed | ansible-playbook -k and ansible cli tools, all versions 2.8.x before 2 ... |
| Bug | Description |
|---|
| CVE-2021-20180 | A flaw was found in ansible module where credentials are disclosed in ... |
| CVE-2020-25646 | A flaw was found in Ansible Collection community.crypto. openssl_priva ... |
| CVE-2020-25636 | A flaw was found in Ansible Base when using the aws_ssm connection plu ... |
| CVE-2020-25635 | A flaw was found in Ansible Base when using the aws_ssm connection plu ... |
| CVE-2020-10691 | An archive traversal flaw was found in all ansible-engine versions 2.9 ... |
| CVE-2020-1753 | A security flaw was found in Ansible Engine, all Ansible 2.7.x version ... |
| CVE-2020-1746 | A flaw was found in the Ansible Engine affecting Ansible Engine versio ... |
| CVE-2019-14904 | A flaw was found in the solaris_zone module from the Ansible Community ... |
| CVE-2019-14864 | Ansible, versions 2.9.x before 2.9.1, 2.8.x before 2.8.7 and Ansible v ... |
| CVE-2019-14856 | ansible before versions 2.8.6, 2.7.14, 2.6.20 is vulnerable to a None |
| CVE-2019-14846 | In Ansible, all Ansible Engine versions up to ansible-engine 2.8.5, an ... |
| CVE-2019-10217 | A flaw was found in ansible 2.8.0 before 2.8.4. Fields managing sensit ... |
| CVE-2019-10156 | A flaw was discovered in the way Ansible templating was implemented in ... |
| CVE-2019-3828 | Ansible fetch module before versions 2.5.15, 2.6.14, 2.7.8 has a path ... |
| CVE-2018-16876 | ansible before versions 2.5.14, 2.6.11, 2.7.5 is vulnerable to a infor ... |
| CVE-2018-16859 | Execution of Ansible playbooks on Windows platforms with PowerShell Sc ... |
| CVE-2018-16837 | Ansible "User" module leaks any data which is passed on as a parameter ... |
| CVE-2018-10875 | A flaw was found in ansible. ansible.cfg is read from the current work ... |
| CVE-2018-10874 | In ansible it was found that inventory variables are loaded from curre ... |
| CVE-2018-10855 | Ansible 2.5 prior to 2.5.5, and 2.4 prior to 2.4.5, do not honor the n ... |
| CVE-2017-7481 | Ansible before versions 2.3.1.0 and 2.4.0.0 fails to properly mark loo ... |
| CVE-2017-7466 | Ansible before version 2.3 has an input validation vulnerability in th ... |
| CVE-2016-9587 | Ansible before versions 2.1.4, 2.2.1 is vulnerable to an improper inpu ... |
| CVE-2016-8647 | An input validation vulnerability was found in Ansible's mysql_user mo ... |
| CVE-2016-8628 | Ansible before version 2.2.0 fails to properly sanitize fact variables ... |
| CVE-2016-8614 | A flaw was found in Ansible before version 2.2.0. The apt_key module d ... |
| CVE-2016-3096 | The create_script function in the lxc_container module in Ansible befo ... |
| CVE-2015-6240 | The chroot, jail, and zone connection plugins in ansible before 1.9.2 ... |
| CVE-2015-3908 | Ansible before 1.9.2 does not verify that the server hostname matches ... |
| CVE-2014-4967 | Multiple argument injection vulnerabilities in Ansible before 1.6.7 al ... |
| CVE-2014-4966 | Ansible before 1.6.7 does not prevent inventory data with "{{" and "lo ... |
| CVE-2014-4678 | The safe_eval function in Ansible before 1.6.4 does not properly restr ... |
| CVE-2014-4660 | Ansible before 1.5.5 constructs filenames containing user and password ... |
| CVE-2014-4659 | Ansible before 1.5.5 sets 0644 permissions for sources.list, which mig ... |
| CVE-2014-4658 | The vault subsystem in Ansible before 1.5.5 does not set the umask bef ... |
| CVE-2014-4657 | The safe_eval function in Ansible before 1.5.4 does not properly restr ... |
| CVE-2014-3498 | The user module in ansible before 1.6.6 allows remote authenticated us ... |
| CVE-2014-2686 | Ansible prior to 1.5.4 mishandles the evaluation of some strings. |
| CVE-2013-4260 | lib/ansible/playbook/__init__.py in Ansible 1.2.x before 1.2.3, when p ... |
| CVE-2013-4259 | runner/connection_plugins/ssh.py in Ansible before 1.2.3, when using C ... |
| CVE-2013-2233 | Ansible before 1.2.1 makes it easier for remote attackers to conduct m ... |