Vulnerabilities > Redhat > Ansible Automation Platform > 1.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-18 | CVE-2023-5115 | Absolute Path Traversal vulnerability in multiple products An absolute path traversal attack exists in the Ansible automation platform. | 6.3 |
| 2022-09-13 | CVE-2022-3205 | Cross-site Scripting vulnerability in Redhat Ansible Automation Platform 1.2/2.0 Cross site scripting in automation controller UI in Red Hat Ansible Automation Platform 1.2 and 2.0 where the project name is susceptible to XSS injection | 6.1 |
| 2022-04-18 | CVE-2021-3681 | Insufficiently Protected Credentials vulnerability in Redhat Ansible Automation Platform and Ansible Galaxy A flaw was found in Ansible Galaxy Collections. | 5.5 |
| 2021-09-22 | CVE-2021-3583 | Code Injection vulnerability in Redhat Ansible Automation Platform and Ansible Tower A flaw was found in Ansible, where a user's controller is vulnerable to template injection. | 7.1 |
| 2021-04-29 | CVE-2021-20228 | Information Exposure vulnerability in multiple products A flaw was found in the Ansible Engine 2.9.18, where sensitive info is not masked by default and is not protected by the no_log feature when using the sub-option feature of the basic.py module. | 7.5 |