Ansible
by Red Hat
Source repositories
CVEs (50)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-10884 | Hig | 0.57 | 8.8 | 0.01 | Aug 22, 2018 | Ansible Tower before versions 3.1.8 and 3.2.6 is vulnerable to cross-site request forgery (CSRF) in awx/api/authentication.py. An attacker could exploit this by tricking already authenticated users into visiting a malicious site and hijacking the authtoken cookie. | ||
| CVE-2017-7550 | Cri | 0.57 | 9.8 | 0.04 | Nov 21, 2017 | A flaw was found in the way Ansible (2.3.x before 2.3.3, and 2.4.x before 2.4.1) passed certain parameters to the jenkins_plugin module. Remote attackers could use this flaw to expose sensitive information from a remote host's logs. This flaw was fixed by not allowing passwords… | ||
| CVE-2017-12148 | Hig | 0.55 | 8.4 | 0.02 | Jul 27, 2018 | A flaw was found in Ansible Tower's interface before 3.1.5 and 3.2.0 with SCM repositories. If a Tower project (SCM repository) definition does not have the 'delete before update' flag set, an attacker with commit access to the upstream playbook source repository could create a… | ||
| CVE-2024-1657 | Hig | 0.53 | 8.1 | 0.00 | Apr 25, 2024 | A flaw was found in the ansible automation platform. An insecure WebSocket connection was being used in installation from the Ansible rulebook EDA server. An attacker that has access to any machine in the CIDR block could download all rulebook data from the WebSocket, resulting… | ||
| CVE-2016-7070 | Hig | 0.52 | 8.0 | 0.01 | Sep 11, 2018 | A privilege escalation flaw was found in the Ansible Tower. When Tower before 3.0.3 deploys a PostgreSQL database, it incorrectly configures the trust level of postgres user. An attacker could use this vulnerability to gain admin level access to the database. | ||
| CVE-2014-3498 | Hig | 0.50 | 8.8 | 0.03 | Jun 8, 2017 | The user module in ansible before 1.6.6 allows remote authenticated users to execute arbitrary commands. | ||
| CVE-2026-11332 | Hig | 0.44 | 7.8 | 0.00 | Jun 5, 2026 | A flaw was found in ansible-core. The ansible-galaxy role install command processes dependency specifications from a role's meta/requirements.yml file. Due to improper neutralization of argument delimiters, a malicious role author can inject arbitrary git configuration flags… | ||
| CVE-2015-6240 | Hig | 0.44 | 7.8 | 0.00 | Jun 7, 2017 | The chroot, jail, and zone connection plugins in ansible before 1.9.2 allow local users to escape a restricted environment via a symlink attack. | ||
| CVE-2016-3096 | Hig | 0.44 | 7.8 | 0.00 | Jun 3, 2016 | The create_script function in the lxc_container module in Ansible before 1.9.6-1 and 2.x before 2.0.2.0 allows local users to write to arbitrary files or gain privileges via a symlink attack on (1) /opt/.lxc-attach-script, (2) the archived container in the archive_path… | ||
| CVE-2016-8628 | Hig | 0.43 | 7.6 | 0.03 | Jul 31, 2018 | Ansible before version 2.2.0 fails to properly sanitize fact variables sent from the Ansible controller. An attacker with the ability to create special variables on the controller could execute arbitrary commands on Ansible clients as the user Ansible runs as. | ||
| CVE-2024-9902 | Med | 0.34 | 6.3 | 0.00 | Nov 6, 2024 | A flaw was found in Ansible. The ansible-core `user` module can allow an unprivileged user to silently create or replace the contents of any file on any system path and take ownership of it when a privileged user executes the `user` module against the unprivileged user's home… | ||
| CVE-2017-7528 | Med | 0.34 | 5.2 | 0.01 | Aug 22, 2018 | Ansible Tower as shipped with Red Hat CloudForms Management Engine 5 is vulnerable to CRLF Injection. It was found that X-Forwarded-For header allows internal servers to deploy other systems (using callback). | ||
| CVE-2016-8614 | Med | 0.34 | 6.3 | 0.02 | Jul 31, 2018 | A flaw was found in Ansible before version 2.2.0. The apt_key module does not properly verify key fingerprints, allowing remote adversary to create an OpenPGP key which matches the short key ID and inject this key instead of the correct key. | ||
| CVE-2024-11079 | Med | 0.29 | 5.5 | 0.01 | Nov 12, 2024 | A flaw was found in Ansible-Core. This vulnerability allows attackers to bypass unsafe content protections using the hostvars object to reference and execute templated content. This issue can lead to arbitrary code execution if remote data or module outputs are improperly… | ||
| CVE-2024-8775 | Med | 0.29 | 5.5 | 0.00 | Sep 14, 2024 | A flaw was found in Ansible, where sensitive information stored in Ansible Vault files can be exposed in plaintext during the execution of a playbook. This occurs when using tasks such as include_vars to load vaulted variables without setting the no_log: true parameter,… | ||
| CVE-2016-8647 | Med | 0.25 | 4.9 | 0.01 | Jul 26, 2018 | An input validation vulnerability was found in Ansible's mysql_user module before 2.2.1.0, which may fail to correctly change a password in certain circumstances. Thus the previous password would still be active when it should have been changed. | ||
| CVE-2026-11819 | 0.00 | — | 0.00 | Jun 23, 2026 | Module: plugins/modules/keyring_info.py CVSS 3.1: 5.5 MEDIUM — AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Issue: The module retrieves a passphrase from the OS native keyring (GNOME Keyring, macOS Keychain, Windows Credential Manager) and places it directly into… | |||
| CVE-2025-53862 | 0.00 | — | 0.00 | Jul 11, 2025 | A flaw was found in Ansible. Three API endpoints are accessible and return verbose, unauthenticated responses. This flaw allows a malicious user to access data that may contain important information. | |||
| CVE-2024-0690 | 0.00 | — | 0.00 | Feb 6, 2024 | An information disclosure flaw was found in ansible-core due to a failure to respect the ANSIBLE_NO_LOG configuration in some scenarios. Information is still included in the output in certain tasks, such as loop items. Depending on the task, this issue may include sensitive… | |||
| CVE-2020-25636 | 0.00 | — | 0.00 | Oct 5, 2020 | A flaw was found in Ansible Base when using the aws_ssm connection plugin as there is no namespace separation for file transfers. Files are written directly to the root bucket, making possible to have collisions when running multiple ansible processes. This issue affects mainly… |
- risk 0.57cvss 8.8epss 0.01
Ansible Tower before versions 3.1.8 and 3.2.6 is vulnerable to cross-site request forgery (CSRF) in awx/api/authentication.py. An attacker could exploit this by tricking already authenticated users into visiting a malicious site and hijacking the authtoken cookie.
- risk 0.57cvss 9.8epss 0.04
A flaw was found in the way Ansible (2.3.x before 2.3.3, and 2.4.x before 2.4.1) passed certain parameters to the jenkins_plugin module. Remote attackers could use this flaw to expose sensitive information from a remote host's logs. This flaw was fixed by not allowing passwords…
- risk 0.55cvss 8.4epss 0.02
A flaw was found in Ansible Tower's interface before 3.1.5 and 3.2.0 with SCM repositories. If a Tower project (SCM repository) definition does not have the 'delete before update' flag set, an attacker with commit access to the upstream playbook source repository could create a…
- risk 0.53cvss 8.1epss 0.00
A flaw was found in the ansible automation platform. An insecure WebSocket connection was being used in installation from the Ansible rulebook EDA server. An attacker that has access to any machine in the CIDR block could download all rulebook data from the WebSocket, resulting…
- risk 0.52cvss 8.0epss 0.01
A privilege escalation flaw was found in the Ansible Tower. When Tower before 3.0.3 deploys a PostgreSQL database, it incorrectly configures the trust level of postgres user. An attacker could use this vulnerability to gain admin level access to the database.
- risk 0.50cvss 8.8epss 0.03
The user module in ansible before 1.6.6 allows remote authenticated users to execute arbitrary commands.
- risk 0.44cvss 7.8epss 0.00
A flaw was found in ansible-core. The ansible-galaxy role install command processes dependency specifications from a role's meta/requirements.yml file. Due to improper neutralization of argument delimiters, a malicious role author can inject arbitrary git configuration flags…
- risk 0.44cvss 7.8epss 0.00
The chroot, jail, and zone connection plugins in ansible before 1.9.2 allow local users to escape a restricted environment via a symlink attack.
- risk 0.44cvss 7.8epss 0.00
The create_script function in the lxc_container module in Ansible before 1.9.6-1 and 2.x before 2.0.2.0 allows local users to write to arbitrary files or gain privileges via a symlink attack on (1) /opt/.lxc-attach-script, (2) the archived container in the archive_path…
- risk 0.43cvss 7.6epss 0.03
Ansible before version 2.2.0 fails to properly sanitize fact variables sent from the Ansible controller. An attacker with the ability to create special variables on the controller could execute arbitrary commands on Ansible clients as the user Ansible runs as.
- risk 0.34cvss 6.3epss 0.00
A flaw was found in Ansible. The ansible-core `user` module can allow an unprivileged user to silently create or replace the contents of any file on any system path and take ownership of it when a privileged user executes the `user` module against the unprivileged user's home…
- risk 0.34cvss 5.2epss 0.01
Ansible Tower as shipped with Red Hat CloudForms Management Engine 5 is vulnerable to CRLF Injection. It was found that X-Forwarded-For header allows internal servers to deploy other systems (using callback).
- risk 0.34cvss 6.3epss 0.02
A flaw was found in Ansible before version 2.2.0. The apt_key module does not properly verify key fingerprints, allowing remote adversary to create an OpenPGP key which matches the short key ID and inject this key instead of the correct key.
- risk 0.29cvss 5.5epss 0.01
A flaw was found in Ansible-Core. This vulnerability allows attackers to bypass unsafe content protections using the hostvars object to reference and execute templated content. This issue can lead to arbitrary code execution if remote data or module outputs are improperly…
- risk 0.29cvss 5.5epss 0.00
A flaw was found in Ansible, where sensitive information stored in Ansible Vault files can be exposed in plaintext during the execution of a playbook. This occurs when using tasks such as include_vars to load vaulted variables without setting the no_log: true parameter,…
- risk 0.25cvss 4.9epss 0.01
An input validation vulnerability was found in Ansible's mysql_user module before 2.2.1.0, which may fail to correctly change a password in certain circumstances. Thus the previous password would still be active when it should have been changed.
- CVE-2026-11819Jun 23, 2026risk 0.00cvss —epss 0.00
Module: plugins/modules/keyring_info.py CVSS 3.1: 5.5 MEDIUM — AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Issue: The module retrieves a passphrase from the OS native keyring (GNOME Keyring, macOS Keychain, Windows Credential Manager) and places it directly into…
- CVE-2025-53862Jul 11, 2025risk 0.00cvss —epss 0.00
A flaw was found in Ansible. Three API endpoints are accessible and return verbose, unauthenticated responses. This flaw allows a malicious user to access data that may contain important information.
- CVE-2024-0690Feb 6, 2024risk 0.00cvss —epss 0.00
An information disclosure flaw was found in ansible-core due to a failure to respect the ANSIBLE_NO_LOG configuration in some scenarios. Information is still included in the output in certain tasks, such as loop items. Depending on the task, this issue may include sensitive…
- CVE-2020-25636Oct 5, 2020risk 0.00cvss —epss 0.00
A flaw was found in Ansible Base when using the aws_ssm connection plugin as there is no namespace separation for file transfers. Files are written directly to the root bucket, making possible to have collisions when running multiple ansible processes. This issue affects mainly…
Page 1 of 3