Vulnerabilities > Redhat > Ansible Automation Platform > High

DATE CVE VULNERABILITY TITLE RISK
2024-02-05 CVE-2023-50782 Information Exposure Through Discrepancy vulnerability in multiple products
A flaw was found in the python-cryptography package.
network
low complexity
redhat cryptography-io couchbase CWE-203
7.5
2023-12-12 CVE-2023-5764 A template injection flaw was found in Ansible where a user's controller internal templating operations may remove the unsafe designation from template data.
local
low complexity
redhat fedoraproject
7.8
2023-10-10 CVE-2023-44487 The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. 7.5
2023-10-04 CVE-2023-4237 Unspecified vulnerability in Redhat Ansible Automation Platform and Ansible Collection
A flaw was found in the Ansible Automation Platform.
local
low complexity
redhat
7.8
2022-08-25 CVE-2021-4112 Unspecified vulnerability in Redhat products
A flaw was found in ansible-tower where the default installation is vulnerable to job isolation escape.
local
low complexity
redhat
8.8
2021-09-22 CVE-2021-3583 Code Injection vulnerability in Redhat Ansible Automation Platform and Ansible Tower
A flaw was found in Ansible, where a user's controller is vulnerable to template injection.
local
low complexity
redhat CWE-94
7.1
2021-04-29 CVE-2021-20228 Information Exposure vulnerability in multiple products
A flaw was found in the Ansible Engine 2.9.18, where sensitive info is not masked by default and is not protected by the no_log feature when using the sub-option feature of the basic.py module.
network
low complexity
redhat debian CWE-200
7.5