Moderate severityNVD Advisory· Published Dec 12, 2023· Updated Nov 20, 2025
Ansible: template injection
CVE-2023-5764
Description
A template injection flaw was found in Ansible where a user's controller internal templating operations may remove the unsafe designation from template data. This issue could allow an attacker to use a specially crafted file to introduce templating injection when supplying templating data.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
ansible-corePyPI | >= 2.16.0, < 2.16.1 | 2.16.1 |
ansible-corePyPI | >= 2.15.0, < 2.15.8 | 2.15.8 |
ansible-corePyPI | < 2.14.12 | 2.14.12 |
Affected products
41- cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9Range: 1:2.15.8-1.el9ap
- ghsa-coords40 versionspkg:pypi/ansible-corepkg:rpm/opensuse/ansible-core-2.17&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/ansible-core-2.18&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/ansible-core-2.19&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/ansible-core-2.20&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/ansible-core&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/ansible&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/ansible-documentation&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/dracut-saltboot&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/golang-github-prometheus-promu&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/POS_Image-Graphical7&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/POS_Image-JeOS7&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/spacecmd&distro=openSUSE%20Leap%2015.5pkg:rpm/suse/ansible&distro=SUSE%20Manager%20Client%20Tools%2015pkg:rpm/suse/ansible&distro=SUSE%20Manager%20Client%20Tools%2015-BETApkg:rpm/suse/ansible&distro=SUSE%20Manager%20Proxy%20Module%204.3pkg:rpm/suse/dracut-saltboot&distro=SUSE%20Manager%20Client%20Tools%2015pkg:rpm/suse/dracut-saltboot&distro=SUSE%20Manager%20Client%20Tools%2015-BETApkg:rpm/suse/dracut-saltboot&distro=SUSE%20Manager%20Client%20Tools%20for%20SLE%20Micro%205pkg:rpm/suse/golang-github-prometheus-node_exporter&distro=SUSE%20Manager%20Client%20Tools%20Beta%20for%20SLE%20Micro%205pkg:rpm/suse/golang-github-prometheus-promu&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP5pkg:rpm/suse/grafana&distro=SUSE%20Manager%20Client%20Tools%2015pkg:rpm/suse/grafana&distro=SUSE%20Manager%20Client%20Tools%2015-BETApkg:rpm/suse/mgr-daemon&distro=SUSE%20Manager%20Client%20Tools%2015pkg:rpm/suse/POS_Image-Graphical7&distro=SUSE%20Manager%20Client%20Tools%2015pkg:rpm/suse/POS_Image-Graphical7&distro=SUSE%20Manager%20Client%20Tools%2015-BETApkg:rpm/suse/POS_Image-JeOS7&distro=SUSE%20Manager%20Client%20Tools%2015pkg:rpm/suse/POS_Image-JeOS7&distro=SUSE%20Manager%20Client%20Tools%2015-BETApkg:rpm/suse/spacecmd&distro=SUSE%20Manager%20Client%20Tools%2015pkg:rpm/suse/spacecmd&distro=SUSE%20Manager%20Client%20Tools%2015-BETApkg:rpm/suse/spacewalk-client-tools&distro=SUSE%20Manager%20Client%20Tools%2015pkg:rpm/suse/spacewalk-client-tools&distro=SUSE%20Manager%20Client%20Tools%2015-BETApkg:rpm/suse/spacewalk-koan&distro=SUSE%20Manager%20Client%20Tools%2015pkg:rpm/suse/supportutils-plugin-susemanager-client&distro=SUSE%20Manager%20Client%20Tools%2015-BETApkg:rpm/suse/uyuni-common-libs&distro=SUSE%20Manager%20Client%20Tools%2015pkg:rpm/suse/uyuni-proxy-systemd-services&distro=SUSE%20Manager%20Client%20Tools%2015pkg:rpm/suse/uyuni-proxy-systemd-services&distro=SUSE%20Manager%20Client%20Tools%20for%20SLE%20Micro%205pkg:rpm/suse/uyuni-proxy-systemd-services&distro=SUSE%20Manager%20Proxy%20Module%204.3pkg:rpm/suse/uyuni-tools&distro=SUSE%20Manager%20Client%20Tools%2015-BETApkg:rpm/suse/uyuni-tools&distro=SUSE%20Manager%20Client%20Tools%20Beta%20for%20SLE%20Micro%205
>= 2.16.0, < 2.16.1+ 39 more
- (no CPE)range: >= 2.16.0, < 2.16.1
- (no CPE)range: < 2.17.6-1.1
- (no CPE)range: < 2.18.10-2.1
- (no CPE)range: < 2.19.4-1.1
- (no CPE)range: < 2.20.6-1.1
- (no CPE)range: < 2.16.9-1.1
- (no CPE)range: < 2.9.27-150000.1.17.2
- (no CPE)range: < 2.15.7-1.1
- (no CPE)range: < 0.1.1710765237.46af599-150000.1.53.2
- (no CPE)range: < 0.14.0-150000.3.18.2
- (no CPE)range: < 0.1.1710765237.46af599-150000.1.21.2
- (no CPE)range: < 0.1.1710765237.46af599-150000.1.21.2
- (no CPE)range: < 4.3.27-150000.3.116.2
- (no CPE)range: < 2.9.27-150000.1.17.2
- (no CPE)range: < 2.9.27-159000.3.12.2
- (no CPE)range: < 2.9.27-150000.1.17.2
- (no CPE)range: < 0.1.1710765237.46af599-150000.1.53.2
- (no CPE)range: < 0.1.1710765237.46af599-159000.3.33.2
- (no CPE)range: < 0.1.1710765237.46af599-150000.1.53.2
- (no CPE)range: < 1.5.0-159000.6.2.1
- (no CPE)range: < 0.14.0-150000.3.18.2
- (no CPE)range: < 9.5.18-150000.1.63.2
- (no CPE)range: < 9.5.16-159000.4.30.2
- (no CPE)range: < 4.3.9-150000.1.47.2
- (no CPE)range: < 0.1.1710765237.46af599-150000.1.21.2
- (no CPE)range: < 0.1.1710765237.46af599-159000.3.24.2
- (no CPE)range: < 0.1.1710765237.46af599-150000.1.21.2
- (no CPE)range: < 0.1.1710765237.46af599-159000.3.24.2
- (no CPE)range: < 4.3.27-150000.3.116.2
- (no CPE)range: < 5.0.5-159000.6.48.2
- (no CPE)range: < 4.3.19-150000.3.89.2
- (no CPE)range: < 5.0.4-159000.6.54.2
- (no CPE)range: < 4.3.6-150000.3.33.2
- (no CPE)range: < 5.0.3-159000.6.21.2
- (no CPE)range: < 4.3.10-150000.1.39.2
- (no CPE)range: < 4.3.12-150000.1.21.2
- (no CPE)range: < 4.3.12-150000.1.21.2
- (no CPE)range: < 4.3.12-150000.1.21.2
- (no CPE)range: < 0.1.7-159000.3.8.1
- (no CPE)range: < 0.1.7-159000.3.8.1
Patches
Vulnerability mechanics
References
9- access.redhat.com/errata/RHSA-2023:7773ghsavendor-advisoryx_refsource_REDHATWEB
- github.com/advisories/GHSA-7j69-qfc3-2fq9ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2023-5764ghsaADVISORY
- access.redhat.com/security/cve/CVE-2023-5764ghsavdb-entryx_refsource_REDHATWEB
- bugzilla.redhat.com/show_bug.cgighsaissue-trackingx_refsource_REDHATWEB
- github.com/ansible/ansible/commit/270b39f6ff02511a2199505161218cbd1a5ae34fghsaWEB
- github.com/ansible/ansible/commit/7239d2d371bc6e274cbb7314e01431adce6ae25aghsaWEB
- github.com/ansible/ansible/commit/fea130480d261ea5bf6fcd5cf19a348f1686ceb1ghsaWEB
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X7Q6CHPVCHMZS5M7V22GOKFSXZAQ24EUghsaWEB
News mentions
0No linked articles in our index yet.