Vulnerabilities (CVE)

Vendor filter

Suse Subscribe

Product filter

Package Hub Subscribe

Filter

3 total CVE
CVE Vendors Products Updated CVSS
CVE-2018-10875 3 Redhat, Debian, Suse 9 Ansible Engine, Openstack, Virtualization and 6 more 2019-05-10 7.5
A flaw was found in ansible. ansible.cfg is read from the current working directory which can be altered to make it point to a plugin or a module path under the control of an attacker, thus allowing the attacker to execute arbitrary code.
CVE-2018-16837 3 Redhat, Debian, Suse 4 Ansible Engine, Ansible Tower, Debian Linux and 1 more 2019-04-25 2.1
Ansible "User" module leaks any data which is passed on as a parameter to ssh-keygen. This could lean in undesirable situations such as passphrases credentials passed as a parameter for the ssh-keygen executable. Showing those credentials in...
CVE-2018-16876 3 Redhat, Debian, Suse 8 Ansible, Debian Linux, Openstack and 5 more 2019-04-16 5.0
ansible before versions 2.5.14, 2.6.11, 2.7.5 is vulnerable to a information disclosure flaw in vvv+ mode with no_log on that can lead to leakage of sensible data.