Known Vulnerabilities for Ansible Engine by Redhat
Listed below are 10 of the newest known vulnerabilities associated with "Ansible Engine" by "Redhat".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-20228 | A flaw was found in the Ansible Engine 2.9.18, where sensitive info is not masked by default and is not protected by the no_l... | 7.5 - HIGH | 2021-04-29 | 2023-11-07 |
| CVE-2021-3620 | A flaw was found in Ansible Engine's ansible-connection module, where sensitive information such as the Ansible user credenti... | 5.5 - MEDIUM | 2022-03-03 | 2023-12-28 |
| CVE-2021-3583 | A flaw was found in Ansible, where a user's controller is vulnerable to template injection. This issue can occur through fact... | 7.1 - HIGH | 2021-09-22 | 2023-12-28 |
| CVE-2021-3533 | A flaw was found in Ansible if an ansible user sets ANSIBLE_ASYNC_DIR to a subdirectory of a world writable directory. When t... | Not Provided | 2021-06-09 | 2024-01-23 |
| CVE-2021-3532 | A flaw was found in Ansible where the secret information present in async_files are getting disclosed when the user changes t... | Not Provided | 2021-06-09 | 2024-01-15 |
| CVE-2020-10685 | A flaw was found in Ansible Engine affecting Ansible Engine versions 2.7.x before 2.7.17 and 2.8.x before 2.8.11 and 2.9.x be... | 5.5 - MEDIUM | 2020-05-11 | 2023-11-07 |
| CVE-2020-1753 | A security flaw was found in Ansible Engine, all Ansible 2.7.x versions prior to 2.7.17, all Ansible 2.8.x versions prior to ... | 5.5 - MEDIUM | 2020-03-16 | 2023-11-07 |
| CVE-2020-1746 | A flaw was found in the Ansible Engine affecting Ansible Engine versions 2.7.x before 2.7.17 and 2.8.x before 2.8.11 and 2.9.... | 5 - MEDIUM | 2020-05-12 | 2023-11-07 |
| CVE-2020-1737 | A flaw was found in Ansible 2.7.17 and prior, 2.8.9 and prior, and 2.9.6 and prior when using the Extract-Zip function from t... | 7.8 - HIGH | 2020-03-09 | 2023-11-07 |
| CVE-2020-1734 | A flaw was found in the pipe lookup plugin of ansible. Arbitrary commands can be run, when the pipe lookup plugin uses subpro... | 7.4 - HIGH | 2020-03-03 | 2023-02-12 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Redhat | Ansible Engine | 3.5 | All | All | All |
| Application | Redhat | Ansible Engine | 3.0 | All | All | All |
| Application | Redhat | Ansible Engine | 2.9.7 | All | All | All |
| Application | Redhat | Ansible Engine | 2.9.6 | All | All | All |
| Application | Redhat | Ansible Engine | 2.9.5 | All | All | All |
| Application | Redhat | Ansible Engine | 2.9.3 | All | All | All |
| Application | Redhat | Ansible Engine | 2.9.13 | All | All | All |
| Application | Redhat | Ansible Engine | 2.9.12 | All | All | All |
| Application | Redhat | Ansible Engine | 2.9.0 | All | All | All |
| Application | Redhat | Ansible Engine | 2.8.9 | All | All | All |
| Application | Redhat | Ansible Engine | 2.8.8 | All | All | All |
| Application | Redhat | Ansible Engine | 2.8.6 | All | All | All |
| Application | Redhat | Ansible Engine | 2.8.5 | All | All | All |
| Application | Redhat | Ansible Engine | 2.8.4 | All | All | All |
| Application | Redhat | Ansible Engine | 2.8.3 | All | All | All |
| Application | Redhat | Ansible Engine | 2.8.2 | All | All | All |
| Application | Redhat | Ansible Engine | 2.8.15 | All | All | All |
| Application | Redhat | Ansible Engine | 2.8.14 | All | All | All |
| Application | Redhat | Ansible Engine | 2.8.11 | All | All | All |
| Application | Redhat | Ansible Engine | 2.8.1 | All | All | All |