Known Vulnerabilities for Ansible Engine by Redhat
Listed below are 10 of the newest known vulnerabilities associated with "Ansible Engine" by "Redhat".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-20228 json | A flaw was found in the Ansible Engine 2.9.18, where sensitive info is not masked by default and is not protected by the no_l... | 7.5 - HIGH | 2021-04-29 | 2023-11-07 |
| CVE-2021-3620 json | A flaw was found in Ansible Engine's ansible-connection module, where sensitive information such as the Ansible user credenti... | 5.5 - MEDIUM | 2022-03-03 | 2023-12-28 |
| CVE-2021-3583 json | A flaw was found in Ansible, where a user's controller is vulnerable to template injection. This issue can occur through fact... | 7.1 - HIGH | 2021-09-22 | 2023-12-28 |
| CVE-2021-3533 json | A flaw was found in Ansible if an ansible user sets ANSIBLE_ASYNC_DIR to a subdirectory of a world writable directory. When t... | Not Provided | 2021-06-09 | 2024-01-23 |
| CVE-2021-3532 json | A flaw was found in Ansible where the secret information present in async_files are getting disclosed when the user changes t... | Not Provided | 2021-06-09 | 2024-01-15 |
| CVE-2020-14365 json | A flaw was found in the Ansible Engine, in ansible-engine 2.8.x before 2.8.15 and ansible-engine 2.9.x before 2.9.13, when in... | 7.1 - HIGH | 2020-09-23 | 2022-04-05 |
| CVE-2020-14332 json | A flaw was found in the Ansible Engine when using module_args. Tasks executed with check mode (--check-mode) do not properly ... | 5.5 - MEDIUM | 2020-09-11 | 2023-11-07 |
| CVE-2020-14330 json | An Improper Output Neutralization for Logs flaw was found in Ansible when using the uri module, where sensitive data is expos... | 5.5 - MEDIUM | 2020-09-11 | 2023-11-07 |
| CVE-2020-10729 json | A flaw was found in the use of insufficiently random values in Ansible. Two random password lookups of the same length genera... | 5.5 - MEDIUM | 2021-05-27 | 2021-12-10 |
| CVE-2020-10691 json | An archive traversal flaw was found in all ansible-engine versions 2.9.x prior to 2.9.7, when running ansible-galaxy collecti... | 5.2 - MEDIUM | 2020-04-30 | 2023-11-07 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Redhat | Ansible Engine | 3.5 | |||
| Application | Redhat | Ansible Engine | 3.0 | |||
| Application | Redhat | Ansible Engine | 2.9.7 | |||
| Application | Redhat | Ansible Engine | 2.9.6 | |||
| Application | Redhat | Ansible Engine | 2.9.5 | |||
| Application | Redhat | Ansible Engine | 2.9.3 | |||
| Application | Redhat | Ansible Engine | 2.9.13 | |||
| Application | Redhat | Ansible Engine | 2.9.12 | |||
| Application | Redhat | Ansible Engine | 2.9.0 | |||
| Application | Redhat | Ansible Engine | 2.8.9 | |||
| Application | Redhat | Ansible Engine | 2.8.8 | |||
| Application | Redhat | Ansible Engine | 2.8.6 | |||
| Application | Redhat | Ansible Engine | 2.8.5 | |||
| Application | Redhat | Ansible Engine | 2.8.4 | |||
| Application | Redhat | Ansible Engine | 2.8.3 | |||
| Application | Redhat | Ansible Engine | 2.8.2 | |||
| Application | Redhat | Ansible Engine | 2.8.15 | |||
| Application | Redhat | Ansible Engine | 2.8.14 | |||
| Application | Redhat | Ansible Engine | 2.8.11 | |||
| Application | Redhat | Ansible Engine | 2.8.1 |