Vulnerabilities > Redhat > Ansible Engine > 2.8.11
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-03-03 | CVE-2021-3620 | Unspecified vulnerability in Redhat products A flaw was found in Ansible Engine's ansible-connection module, where sensitive information such as the Ansible user credentials is disclosed by default in the traceback error message. | 5.5 |
2021-09-22 | CVE-2021-3583 | Code Injection vulnerability in Redhat Ansible Automation Platform and Ansible Tower A flaw was found in Ansible, where a user's controller is vulnerable to template injection. | 7.1 |
2021-05-27 | CVE-2020-10729 | Use of Insufficiently Random Values vulnerability in multiple products A flaw was found in the use of insufficiently random values in Ansible. | 5.5 |
2020-09-23 | CVE-2020-14365 | A flaw was found in the Ansible Engine, in ansible-engine 2.8.x before 2.8.15 and ansible-engine 2.9.x before 2.9.13, when installing packages using the dnf module. | 7.1 |
2020-09-11 | CVE-2020-14332 | A flaw was found in the Ansible Engine when using module_args. | 5.5 |
2020-09-11 | CVE-2020-14330 | Information Exposure Through Log Files vulnerability in multiple products An Improper Output Neutralization for Logs flaw was found in Ansible when using the uri module, where sensitive data is exposed to content and json output. | 5.5 |