pkg:PyPI/ansible

共 130 筆 CVECRITICAL14HIGH41MEDIUM68LOW6

✅ 檢查你的版本

所有已知漏洞

CRITICAL9.8CVE-2014-4678Ansible Code Injection Vulnerability
from 0, < 1.6.4
CRITICAL9.8CVE-2014-4678Ansible Code Injection Vulnerability
from 0, < 5429b85b9f6c2e640074176f36ff05fd5e4d1916 | from 0, < 1.6.4
CRITICAL9.8CVE-2014-4657Ansible Remote Code Execution
from 0, < 1.5.4
CRITICAL9.8CVE-2014-4657Ansible Remote Code Execution
from 0, < 1.5.4
CRITICAL9.8CVE-2014-4967Ansible Arbitrary Code Execution
from 0, < 1.6.7
CRITICAL9.8CVE-2014-4966Ansible Arbitrary Code Execution
from 0, < 62a1295a3e08cb6c3e9f1b2a1e6e5dcaeab32527 | from 0, < 1.6.7
CRITICAL9.8CVE-2014-4967Ansible Arbitrary Code Execution
from 0, < 62a1295a3e08cb6c3e9f1b2a1e6e5dcaeab32527 | from 0, < 1.6.7
CRITICAL9.8CVE-2014-4966Ansible Arbitrary Code Execution
from 0, < 1.6.7
CRITICAL9.8CVE-2017-7550Ansible Insertion of Sensitive Information into Log File vulnerability
>= 2.4.0.0, < 2.4.1.0, >= 2.3.0.0, < 2.3.3.0
CRITICAL9.8CVE-2017-7550Ansible Insertion of Sensitive Information into Log File vulnerability
>= 2.4.0.0, < 2.4.1.0
CRITICAL9.8CVE-2017-7481ansible - security update
>= 2.3.0.0, < 2.3.1.0
CRITICAL9.8CVE-2017-7481ansible - security update
from 0, < ed56f51f185a1ffd7ea57130d260098686fcc7c2 | from 0, < 2.3.1.0, >= 2.3.2.0, < 2.4.0.0
CRITICAL9.1CVE-2016-8628Ansible fails to properly sanitize fact variables sent from the Ansible controller
from 0, < 2.2.0.0
CRITICAL9.1CVE-2016-8628Ansible fails to properly sanitize fact variables sent from the Ansible controller
from 0, < 2.2.0.0
HIGH8.8CVE-2014-3498Ansible Arbitrary Code Execution
from 0, < 1.6.6
HIGH8.8CVE-2014-3498Ansible Arbitrary Code Execution
from 0, < 8ed6350e65c82292a631f08845dfaacffe7f07f5 | from 0, < 1.6.6
HIGH8.1CVE-2016-9587Ansible is vulnerable to an improper input validation in Ansible's handling of data sent from client systems
from 0, < 2.1.4.0
HIGH8.1CVE-2016-9587Ansible is vulnerable to an improper input validation in Ansible's handling of data sent from client systems
from 0, < 2.1.4.0, >= 2.2.0.0, < 2.2.1.0
HIGH8.0CVE-2017-7466Ansible Arbitrary Code Execution
from 0, < 2.3.0.0
HIGH8.0CVE-2017-7466Ansible Arbitrary Code Execution
from 0, < 2.2.3.0
HIGH7.8CVE-2019-14846ansible - security update
from 0, < 2.6.20, >= 2.7.0, < 2.7.14, >= 2.8.0, < 2.8.6
HIGH7.8CVE-2019-14846ansible - security update
from 0, < 2.6.20
HIGH7.8CVE-2015-6240Ansible Sandbox Escape via Symlink Attack
from 0, < 1.9.2
HIGH7.8CVE-2015-6240Ansible Sandbox Escape via Symlink Attack
from 0, < ca2f2c4ebd7b5e097eab0a710f79c1f63badf95b, < 952166f48eb0f5797b75b160fd156bbe1e8fc647 | from 0, < 1.9.2
HIGH7.8CVE-2018-16837ansible - security update
>= 2.7, < 2.7.1, >= 2.6, < 2.6.7, from 0, < 2.5.11
HIGH7.8CVE-2018-16837ansible - security update
>= 2.7.0a1, < 2.7.1
HIGH7.8CVE-2018-10875Ansible Arbitrary Code Execution
from 0, < 2.4.6.0
HIGH7.8CVE-2018-10875Ansible Arbitrary Code Execution
>= 2.5, < 2.5.6, >= 2.4, < 2.4.6.0, >= 2.6, < 2.6.1
HIGH7.8CVE-2018-10874Ansible Improper Input Validation vulnerability
from 0, < 2.4.6.0, >= 2.5, < 2.5.6, >= 2.6, < 2.6.1
HIGH7.8CVE-2018-10874Ansible Improper Input Validation vulnerability
from 0, < 2.4.6.0
HIGH7.8CVE-2020-1737Path Traversal in Ansible
>= 2.8.0a1, < 2.8.9
HIGH7.8CVE-2020-1737Path Traversal in Ansible
from 0, < 2.7.17, >= 2.8.0, < 2.8.9, >= 2.9.0, < 2.9.6
HIGH7.8CVE-2016-3096Link Following in ansible
from 0, < 2.0.2.0
HIGH7.8CVE-2016-3096Link Following in ansible
>= 2.0.0.0, < 2.0.2.0
HIGH7.5CVE-2022-3697Ansible leaks password to logs
>= 2.5.0, < 7.0.0
HIGH7.5CVE-2021-20228Ansible Exposes Sensitive Information
from 0, < 2.9.19
HIGH7.5CVE-2021-20228Ansible Exposes Sensitive Information
>= 2.10.0a1, < 2.10.6rc1
HIGH7.5CVE-2014-2686Ansible unsafe evaluation of some strings
from 0, < 1.5.4
HIGH7.5CVE-2014-2686Ansible unsafe evaluation of some strings
from 0, < 1.5.4
HIGH7.5CVE-2015-3908ansible - security update
from 0, < 1.9.2
HIGH7.5CVE-2015-3908ansible - security update
from 0, < 1.9.2
HIGH7.5CVE-2016-8614Ansible apt_key module does not properly verify key fingerprint
from 0, < 2.2.0.0
HIGH7.5CVE-2016-8614Ansible apt_key module does not properly verify key fingerprint
from 0, < 2.2.0.0
HIGH7.4CVE-2020-1734OS Command Injection in ansible
from 0, < 2.7.17
HIGH7.4CVE-2020-1734OS Command Injection in ansible
>= 2.10.0a1, < 2.10.0rc1
HIGH7.4CVE-2013-2233Ansible fails to cache SSH host keys
from 0, < 1.2.1
HIGH7.4CVE-2013-2233Ansible fails to cache SSH host keys
from 0, < 1.2.1
HIGH7.3CVE-2019-14904OS Command Injection and Improper Input Validation in ansible
from 0, < 2.7.15, >= 2.8.0, < 2.8.7, >= 2.9.0, < 2.9.2
HIGH7.3CVE-2019-14904OS Command Injection and Improper Input Validation in ansible
from 0, < 2.7.16
HIGH7.1CVE-2021-3583Improper Input Validation and Command Injection in Ansible
from 0, < 2.9.23rc1
HIGH7.1CVE-2021-3583Improper Input Validation and Command Injection in Ansible
from 0, < 2.9.23
HIGH7.1CVE-2020-14365Improper Verification of Cryptographic Signature in ansible
>= 2.8.0a1, < 2.8.15
HIGH7.1CVE-2020-14365Improper Verification of Cryptographic Signature in ansible
>= 2.8.0, < 2.8.16rc1, >= 2.9.0, < 2.9.14rc1
HIGH7.1CVE-2020-10684Code Injection, Race Condition, and Execution with Unnecessary Privileges in Ansible
>= 2.7.0a1, < 2.7.17
HIGH7.1CVE-2020-10684Code Injection, Race Condition, and Execution with Unnecessary Privileges in Ansible
>= 2.7.0, < 2.7.17, >= 2.8.0, < 2.8.9, >= 2.9.0, < 2.9.6
MEDIUM6.5CVE-2019-14856Ansible password prompts could expose passwords
>= 2.6.0, < 2.6.20, >= 2.7.0, < 2.7.14, >= 2.8.0, < 2.8.6
MEDIUM6.5CVE-2019-14856Ansible password prompts could expose passwords
>= 2.8.0, < 2.8.6
MEDIUM6.5CVE-2019-10206ansible - security update
>= 2.6.0, < 2.6.19, >= 2.7.0, < 2.7.13, >= 2.8.0, < 2.8.4
MEDIUM6.5CVE-2019-10206ansible - security update
>= 2.8.0, < 2.8.4
MEDIUM6.5CVE-2019-10217Exposure of Sensitive Information to an Unauthorized Actor in ansible
>= 2.8.0, < 2.8.4
MEDIUM6.5CVE-2019-10217Exposure of Sensitive Information to an Unauthorized Actor in ansible
>= 2.8.0a1, < 2.8.4
MEDIUM6.5CVE-2019-14864Inclusion of Sensitive Information in Log Files and Improper Output Neutralization for Logs in Ansible
>= 2.7.0, < 2.7.15, >= 2.8.0, < 2.8.7, >= 2.9.0, < 2.9.1
MEDIUM6.5CVE-2019-14864Inclusion of Sensitive Information in Log Files and Improper Output Neutralization for Logs in Ansible
>= 2.7.0a1, < 2.7.15
MEDIUM6.3CVE-2023-5115Ansible symlink attack vulnerability
from 0, < 8.5.0
MEDIUM6.2CVE-2013-4260Ansible Arbitrary File Overwrite Vulnerability
>= 1.2.0, < 1.2.3
MEDIUM6.2CVE-2013-4260Ansible Arbitrary File Overwrite Vulnerability
>= 1.2, < 1.2.3
MEDIUM5.9CVE-2018-10855ansible - security update
>= 2.5.0a1, < 2.5.5
MEDIUM5.9CVE-2018-10855ansible - security update
>= 2.5, < 2.5.5, >= 2.4, < 2.4.5.0
MEDIUM5.6CVE-2019-14905Externally Controlled Reference to a Resource in Another Sphere, Improper Input Validation, and External Control of File Name or Path in Ansible
>= 2.7.0, < 2.7.16, >= 2.8.0, < 2.8.8, >= 2.9.0, < 2.9.3
MEDIUM5.6CVE-2019-14905Externally Controlled Reference to a Resource in Another Sphere, Improper Input Validation, and External Control of File Name or Path in Ansible
>= 2.7.0a1, < 2.7.16
MEDIUM5.5CVE-2025-14010Ansible Community General Collection is vulnerable to exposure of sensitive information
from 0, < 12.2.0
MEDIUM5.5CVE-2019-14858Ansible leaks sensitive information to logs when told not to
>= 2.0, < 2.8.1
MEDIUM5.5CVE-2019-14858Ansible leaks sensitive information to logs when told not to
>= 2.9.0a1, < 2.9.0rc4
MEDIUM5.5CVE-2014-4658Ansible Sensitive Files Are Locally Readable
from 0, < 1.5.5
MEDIUM5.5CVE-2014-4659Ansible sets unsafe permissions for sources.list
from 0, < 1.5.5
MEDIUM5.5CVE-2014-4658Ansible Sensitive Files Are Locally Readable
from 0, < 1.5.5
MEDIUM5.5CVE-2014-4660Ansible discloses credential information
from 0, < c4b5e46054c74176b2446c82d4df1a2610eddc08 | from 0, < 1.5.5
MEDIUM5.5CVE-2014-4660Ansible discloses credential information
from 0, < 1.5.5
MEDIUM5.5CVE-2014-4659Ansible sets unsafe permissions for sources.list
from 0, < 1.5.5
MEDIUM5.5CVE-2021-20180Insertion of Sensitive Information into Log File in ansible
>= 2.8.0a1, < 2.8.19
MEDIUM5.5CVE-2021-3620Ansible discloses sensitive information in traceback error message
from 0, < fe28767970c8ec62aabe493c46b53a5de1e5fac0 | from 0, < 2.9.27
MEDIUM5.5CVE-2021-3620Ansible discloses sensitive information in traceback error message
from 0, < 2.9.27
MEDIUM5.5CVE-2020-14330Improper Output Neutralization and Improper Encoding or Escaping of Output for Logs in ansible
from 0, < 2.10.0
MEDIUM5.5CVE-2020-14330Improper Output Neutralization and Improper Encoding or Escaping of Output for Logs in ansible
from 0, < 2.10.0
MEDIUM5.5CVE-2020-14332Insertion of Sensitive Information into Log File and Improper Output Neutralization for Logs in ansible
from 0, < 2.8.14
MEDIUM5.5CVE-2020-14332Insertion of Sensitive Information into Log File and Improper Output Neutralization for Logs in ansible
>= 2.8.0, < 2.8.14, >= 2.9.0, < 2.9.12
MEDIUM5.5CVE-2021-20178Insertion of Sensitive Information into Log File in ansible
from 0, < 2.9.18
MEDIUM5.5CVE-2021-20178Insertion of Sensitive Information into Log File in ansible
from 0, < 2.9.18
MEDIUM5.5CVE-2021-20191Insertion of Sensitive Information into Log File in ansible
from 0, < 2.8.19, >= 2.9.0, < 2.9.18, >= 2.10.0, < 2.10.7
MEDIUM5.5CVE-2021-20191Insertion of Sensitive Information into Log File in ansible
>= 2.9.0a1, < 2.9.18rc1
MEDIUM5.5CVE-2020-10685Exposure of Resource to Wrong Sphere and Insecure Temporary File in Ansible
>= 2.7.0, < 2.7.17, >= 2.8.0, < 2.8.11, >= 2.9.0, < 2.9.7
MEDIUM5.5CVE-2020-10685Exposure of Resource to Wrong Sphere and Insecure Temporary File in Ansible
>= 2.7.0a1, < 2.7.17
MEDIUM5.5CVE-2020-1753Insertion of Sensitive Information into Log File, Invocation of Process Using Visible Sensitive Information, and Exposure of Sensitive Information to an Unauthorized Actor in Ansible
>= 2.7.0a1, < 2.7.18
MEDIUM5.5CVE-2020-1753Insertion of Sensitive Information into Log File, Invocation of Process Using Visible Sensitive Information, and Exposure of Sensitive Information to an Unauthorized Actor in Ansible
from 0, < 2.7.18, >= 2.8.0, < 2.8.11, >= 2.9.0, < 2.9.7
MEDIUM5.5CVE-2021-3447A flaw was found in several ansible modules, where parameters containing credentials, such as secrets, were being logged in plain-text on m…
from 0, < 1.2.2
MEDIUM5.4CVE-2019-10156ansible - security update
from 0, < 2.6.18
MEDIUM5.4CVE-2019-10156ansible - security update
from 0, < 2.6.18, >= 2.7.0, < 2.7.12, >= 2.8.0, < 2.8.2
MEDIUM5.3CVE-2018-16876Ansible sensitive information disclosure
>= 2.5.0, < 2.5.14, >= 2.6.0, < 2.6.11, >= 2.7.0, < 2.7.5
MEDIUM5.3CVE-2018-16876Ansible sensitive information disclosure
from 0, < 2.5.14
MEDIUM5.2CVE-2020-10691Path Traversal in Ansible
>= 2.9.0, < 2.9.7
MEDIUM5.2CVE-2020-10691Path Traversal in Ansible
>= 2.9.0a1, < 2.9.7
MEDIUM5.0CVE-2020-25635Ansible does not collect garbage after playbook run
from 0, < 2.10.1
MEDIUM5.0CVE-2020-25635Ansible does not collect garbage after playbook run
from 0, < 2.10.1
MEDIUM5.0CVE-2020-10744Exposure of Resource to Wrong Sphere and Insecure Temporary File in Ansible
>= 2.7.0, < 2.8.0a1, >= 2.8.0, < 2.8.13, >= 2.9.0, < 2.9.10
MEDIUM5.0CVE-2020-10744Exposure of Resource to Wrong Sphere and Insecure Temporary File in Ansible
>= 2.10.0a1, < 2.10.0rc1
MEDIUM5.0CVE-2020-10729Insufficiently random values in Ansible
from 0, < 2.9.6
MEDIUM5.0CVE-2020-10729Insufficiently random values in Ansible
from 0, < 2.9.6
MEDIUM5.0CVE-2020-1733Ansible vulnerable to Exposure of Resource to Wrong Sphere and Insecure Temporary File
from 0, < 2.7.17, >= 2.8.0, < 2.8.8, >= 2.9.0, < 2.9.6
MEDIUM5.0CVE-2020-1733Ansible vulnerable to Exposure of Resource to Wrong Sphere and Insecure Temporary File
from 0, < 2.7.17
MEDIUM5.0CVE-2020-1746Exposure of Sensitive Information to an Unauthorized Actor in ansible
>= 2.8.0a1, < 2.8.11
MEDIUM5.0CVE-2020-1746Exposure of Sensitive Information to an Unauthorized Actor in ansible
>= 2.7.0, < 2.7.17, >= 2.8.0, < 2.8.11, >= 2.9.0, < 2.9.7
MEDIUM4.9CVE-2016-8647Improper Input Validation in ansible
from 0, < 2.2.1.0
MEDIUM4.9CVE-2016-8647Improper Input Validation in ansible
from 0, < 2.2.1.0
MEDIUM4.7CVE-2020-1740Exposure of Sensitive Information to an Unauthorized Actor and Insecure Temporary File in Ansible
from 0, < 2.7.17
MEDIUM4.7CVE-2020-1740Exposure of Sensitive Information to an Unauthorized Actor and Insecure Temporary File in Ansible
from 0, < 2.7.17, >= 2.8.0, < 2.8.9, >= 2.9.0, < 2.9.6
MEDIUM4.6CVE-2020-1735Path Traversal in Ansible
from 0, < 2.7.17, >= 2.8.0, < 2.8.9, >= 2.9.0, < 2.9.6
MEDIUM4.6CVE-2020-1735Path Traversal in Ansible
>= 2.7.0a1, < 2.7.18
MEDIUM4.4CVE-2018-16859Ansible Logs Passwords If PowerShell ScriptBlock is Enabled
>= 2.7.0, < 2.7.4, >= 2.7.5, < 2.8.1, from 0, < 2.5.13, >= 2.6.0, < 2.6.10
MEDIUM4.4CVE-2018-16859Ansible Logs Passwords If PowerShell ScriptBlock is Enabled
>= 2.7.0a1, < 2.7.3
MEDIUM4.2CVE-2019-3828Ansible Path Traversal vulnerability
>= 2.5.0, < 2.5.15, >= 2.6.0, < 2.6.14, >= 2.7.0, < 2.7.8
MEDIUM4.2CVE-2019-3828Ansible Path Traversal vulnerability
from 0, < 2.5.15
MEDIUM4.0CVE-2013-4259Ansible uses a socket with predictable filename in /tmp
from 0, < 1.2.3
MEDIUM4.0CVE-2013-4259Ansible uses a socket with predictable filename in /tmp
from 0, < 1.2.3
LOW3.9CVE-2020-1738Argument Injection in Ansible
from 0, <= 2.7.16
LOW3.9CVE-2020-1738Argument Injection in Ansible
from 0, < 2.7.17, >= 2.8.0, < 2.8.9, >= 2.9.0, < 2.9.6
LOW3.9CVE-2020-1739Exposure of Sensitive Information to an Unauthorized Actor in Ansible
from 0, < 2.7.17
LOW3.9CVE-2020-1739Exposure of Sensitive Information to an Unauthorized Actor in Ansible
from 0, < 2.7.17, >= 2.8.0, < 2.8.9, >= 2.9.0, < 2.9.6
LOW3.3CVE-2020-1736Incorrect Permission Assignment for Critical Resource in Ansible
from 0, < 2.7.17, >= 2.8.0, < 2.8.9, >= 2.9.0, < 2.9.6
LOW3.3CVE-2020-1736Incorrect Permission Assignment for Critical Resource in Ansible
>= 2.7.0, <= 2.10.0
—CVE-2021-3533A flaw was found in Ansible if an ansible user sets ANSIBLE_ASYNC_DIR to a subdirectory of a world writable directory.
from 0, < 3.0.0