Vulnerabilities > Redhat > Ansible Engine > 2.5
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-11-29 | CVE-2018-16859 | Information Exposure Through Log Files vulnerability in Redhat Ansible Engine Execution of Ansible playbooks on Windows platforms with PowerShell ScriptBlock logging and Module logging enabled can allow for 'become' passwords to appear in EventLogs in plaintext. | 2.1 |
| 2018-10-23 | CVE-2018-16837 | Missing Encryption of Sensitive Data vulnerability in multiple products Ansible "User" module leaks any data which is passed on as a parameter to ssh-keygen. | 2.1 |
| 2018-07-13 | CVE-2018-10875 | Untrusted Search Path vulnerability in multiple products A flaw was found in ansible. | 4.6 |
| 2018-07-02 | CVE-2018-10874 | Untrusted Search Path vulnerability in Redhat products In ansible it was found that inventory variables are loaded from current working directory when running ad-hoc command which are under attacker's control, allowing to run arbitrary code as a result. | 7.8 |