Vulnerabilities > Redhat > Ansible Automation Platform

DATE CVE VULNERABILITY TITLE RISK
2024-10-16 CVE-2024-10033 Cross-site Scripting vulnerability in Redhat products
A vulnerability was found in aap-gateway.
network
low complexity
redhat CWE-79
6.1
2024-02-06 CVE-2024-0690 Improper Encoding or Escaping of Output vulnerability in multiple products
An information disclosure flaw was found in ansible-core due to a failure to respect the ANSIBLE_NO_LOG configuration in some scenarios.
local
low complexity
redhat fedoraproject CWE-116
5.5
2024-02-05 CVE-2023-50782 Information Exposure Through Discrepancy vulnerability in multiple products
A flaw was found in the python-cryptography package.
network
low complexity
redhat cryptography-io couchbase CWE-203
7.5
2023-12-18 CVE-2023-5115 Absolute Path Traversal vulnerability in multiple products
An absolute path traversal attack exists in the Ansible automation platform.
network
low complexity
redhat debian CWE-36
6.3
2023-12-12 CVE-2023-5764 A template injection flaw was found in Ansible where a user's controller internal templating operations may remove the unsafe designation from template data.
local
low complexity
redhat fedoraproject
7.8
2023-11-14 CVE-2023-5189 Relative Path Traversal vulnerability in Redhat Ansible Automation Platform and Satellite
A path traversal vulnerability exists in Ansible when extracting tarballs.
network
low complexity
redhat CWE-23
6.5
2023-10-10 CVE-2023-44487 The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. 7.5
2023-10-04 CVE-2023-3971 Cross-site Scripting vulnerability in Redhat products
An HTML injection flaw was found in Controller in the user interface settings.
network
low complexity
redhat CWE-79
5.4
2023-10-04 CVE-2023-4237 Unspecified vulnerability in Redhat Ansible Automation Platform and Ansible Collection
A flaw was found in the Ansible Automation Platform.
local
low complexity
redhat
7.8
2023-10-04 CVE-2023-4380 Information Exposure Through Log Files vulnerability in Redhat products
A logic flaw exists in Ansible Automation platform.
network
low complexity
redhat CWE-532
6.3