VYPR

Ansible

by Ansible

CVEs (3)

  • CVE-2018-16879CriJan 3, 2019
    risk 0.64cvss 9.8epss 0.01

    Ansible Tower before version 3.3.3 does not set a secure channel as it is using the default insecure configuration channel settings for messaging celery workers from RabbitMQ. This could lead in data leak of sensitive information such as passwords as well as denial of service…

  • CVE-2020-10782MedJun 18, 2020
    risk 0.42cvss 6.5epss 0.00

    An exposure of sensitive information flaw was found in Ansible version 3.7.0. Sensitive information, such tokens and other secrets could be readable and exposed from the rsyslog configuration file, which has set the wrong world-readable permissions. The highest threat from this…

  • CVE-2025-53861LowJul 11, 2025
    risk 0.20cvss 3.1epss 0.00

    A flaw was found in Ansible. Sensitive cookies without security flags over non-encrypted channels can lead to Man-in-the-Middle (MitM) and Cross-site scripting (XSS) attacks allowing attackers to read transmitted data.