VYPR
Vendor: Ansible
Products: 14
CVEs: 35 (35 across products)
Status: Private

Recent CVEs (35)
  • CVE-2017-12148 (High) Jul 27, 2018
    risk 0.55, cvss 8.4, epss 0.02

    A flaw was found in Ansible Tower's interface before 3.1.5 and 3.2.0 with SCM repositories. If a Tower project (SCM repository) definition does not have the 'delete before update' flag set, an attacker with commit access to the upstream playbook source repository could create a…

  • CVE-2025-1801 (High) Mar 3, 2025
    risk 0.53, cvss 8.1, epss 0.00

    A flaw was found in the Ansible aap-gateway. Concurrent requests handled by the gateway grpc service can result in concurrency issues due to race condition requests against the proxy. This issue potentially allows a less privileged user to obtain the JWT of a greater privileged…

  • CVE-2016-7070 (High) Sep 11, 2018
    risk 0.52, cvss 8.0, epss 0.01

    A privilege escalation flaw was found in Ansible Tower. When Tower before 3.0.3 deploys a PostgreSQL database, it incorrectly configures the trust level of the postgres user. An attacker could use this vulnerability to gain admin-level access to the database.

  • CVE-2026-12398 (High) Jun 16, 2026
    risk 0.49, cvss 7.5, epss 0.01

    A command injection vulnerability was found in galaxy_ng. The do_git_checkout() function in the legacy role import API (v1) interpolates unsanitized git ref names (branch/tag names) into shell commands executed via subprocess.run() with shell=True. An authenticated user who…

  • CVE-2026-11837 (High) Jun 10, 2026
    risk 0.47, cvss 7.3, epss 0.00

    A local privilege escalation vulnerability was found in the ansible.posix authorized_key module. The module's keyfile() function uses os.chown() instead of os.lchown() and opens files without O_NOFOLLOW when managing SSH authorized keys. An unprivileged local user can pre-stage…

  • CVE-2026-11332 (High) Jun 5, 2026
    risk 0.44, cvss 7.8, epss 0.00

    A flaw was found in ansible-core. The ansible-galaxy role install command processes dependency specifications from a role's meta/requirements.yml file. Due to improper neutralization of argument delimiters, a malicious role author can inject arbitrary git configuration flags…

  • CVE-2026-11820 (Moderate) Jun 15, 2026
    risk 0.42, cvss 6.5, epss 0.00

    [SECURITY] community.general nexmo: API credentials exposed in GET URL query string.

  • CVE-2025-2877 (Medium) Mar 28, 2025
    risk 0.42, cvss 6.5, epss 0.00

    A flaw was found in the Ansible Automation Platform's Event-Driven Ansible. In configurations where verbosity is set to "debug", inventory passwords are exposed in plain text when starting a rulebook activation. This issue exists for any "debug" action in a rulebook and also…

  • CVE-2025-5988 (Medium) Aug 4, 2025
    risk 0.34, cvss 5.3, epss 0.00

    A flaw was found in the Ansible aap-gateway. Cross-site request forgery (CSRF) origin checking is not done on requests from the gateway to external components, such as the controller, hub, and eda.

  • CVE-2024-9620 (Medium) Oct 8, 2024
    risk 0.34, cvss 5.3, epss 0.00

    A flaw was found in Event-Driven Automation (EDA) in Ansible Automation Platform (AAP), which lacks encryption of sensitive information. An attacker with network access could exploit this vulnerability by sniffing the plaintext data transmitted between the EDA and AAP. An…

  • CVE-2025-7738 (Medium) Jul 31, 2025
    risk 0.29, cvss 4.4, epss 0.00

    A flaw was found in Ansible Automation Platform (AAP) where the Gateway API returns the client secret for certain GitHub Enterprise authenticators in clear text. This vulnerability affects administrators or auditors accessing authenticator configurations. While access is limited…

  • CVE-2024-11483 (Medium) Nov 25, 2024
    risk 0.26, cvss 5.0, epss 0.01

    A vulnerability was found in the Ansible Automation Platform (AAP). This flaw allows attackers to escalate privileges by improperly leveraging read-scoped OAuth2 tokens to gain write access. This issue affects API endpoints that rely on ansible_base.oauth2_provider for OAuth2…

  • CVE-2015-1482 Feb 4, 2015
    risk 0.04, cvss (not listed), epss 0.09

    Ansible Tower (aka Ansible UI) before 2.0.5 allows remote attackers to bypass authentication and obtain sensitive information via a websocket connection to socket.io/1/.

  • CVE-2015-1481 Feb 4, 2015
    risk 0.03, cvss (not listed), epss 0.06

    Ansible Tower (aka Ansible UI) before 2.0.5 allows remote organization administrators to gain privileges by creating a superuser account.

  • CVE-2015-1368 Jan 27, 2015
    risk 0.03, cvss (not listed), epss 0.05

    Multiple cross-site scripting (XSS) vulnerabilities in Ansible Tower (aka Ansible UI) before 2.0.5 allow remote attackers to inject arbitrary web script or HTML via the (1) order_by parameter to credentials/, (2) inventories/, (3) projects/, or (4) users/3/permissions/ in…

  • CVE-2021-20139 Dec 9, 2021
    risk 0.01, cvss (not listed), epss 0.04

    An unauthenticated command injection vulnerability exists in the parameters of operation 3 in the controller_server service on Gryphon Tower routers. An unauthenticated remote attacker on the same network can execute commands as root on the device by sending a specially crafted…

  • CVE-2021-20138 Dec 9, 2021
    risk 0.01, cvss (not listed), epss 0.04

    An unauthenticated command injection vulnerability exists in multiple parameters in the Gryphon Tower router's web interface at /cgi-bin/luci/rc. An unauthenticated remote attacker on the same network can execute commands as root on the device by sending a specially crafted…

  • CVE-2021-20137 Dec 9, 2021
    risk 0.01, cvss (not listed), epss 0.03

    A reflected cross-site scripting vulnerability exists in the url parameter of the /cgi-bin/luci/site_access/ page on the Gryphon Tower router's web interface. An attacker could exploit this issue by tricking a user into following a specially crafted link, granting the attacker…

  • CVE-2021-20142 Dec 9, 2021
    risk 0.01, cvss (not listed), epss 0.04

    An unauthenticated command injection vulnerability exists in the parameters of operation 41 in the controller_server service on Gryphon Tower routers. An unauthenticated remote attacker on the same network can execute commands as root on the device by sending a specially crafted…

  • CVE-2021-20141 Dec 9, 2021
    risk 0.01, cvss (not listed), epss 0.04

    An unauthenticated command injection vulnerability exists in the parameters of operation 32 in the controller_server service on Gryphon Tower routers. An unauthenticated remote attacker on the same network can execute commands as root on the device by sending a specially crafted…