VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
>
Redhat
>
Ansible Automation Platform
> High
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2024-02-05
CVE-2023-50782
Information Exposure Through Discrepancy vulnerability in multiple products
A flaw was found in the python-cryptography package.
network
low complexity
redhat
cryptography-io
couchbase
CWE-203
7.5
7.5
2023-12-12
CVE-2023-5764
A template injection flaw was found in Ansible where a user's controller internal templating operations may remove the unsafe designation from template data.
local
low complexity
redhat
fedoraproject
7.8
7.8
2023-10-10
CVE-2023-44487
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
network
low complexity
ietf
nghttp2
netty
envoyproxy
eclipse
caddyserver
golang
f5
apache
apple
grpc
microsoft
nodejs
dena
facebook
amazon
debian
kazu-yamamoto
istio
varnish-cache-project
traefik
projectcontour
linkerd
linecorp
redhat
fedoraproject
netapp
akka
konghq
jenkins
openresty
cisco
7.5
7.5
2023-10-04
CVE-2023-4237
Unspecified vulnerability in Redhat Ansible Automation Platform and Ansible Collection
A flaw was found in the Ansible Automation Platform.
local
low complexity
redhat
7.8
7.8
2022-08-25
CVE-2021-4112
Unspecified vulnerability in Redhat products
A flaw was found in ansible-tower where the default installation is vulnerable to job isolation escape.
local
low complexity
redhat
8.8
8.8
2021-09-22
CVE-2021-3583
Code Injection vulnerability in Redhat Ansible Automation Platform and Ansible Tower
A flaw was found in Ansible, where a user's controller is vulnerable to template injection.
local
low complexity
redhat
CWE-94
7.1
7.1
2021-04-29
CVE-2021-20228
Information Exposure vulnerability in multiple products
A flaw was found in the Ansible Engine 2.9.18, where sensitive info is not masked by default and is not protected by the no_log feature when using the sub-option feature of the basic.py module.
network
low complexity
redhat
debian
CWE-200
7.5
7.5