Vulnerabilities > Redhat > Ansible > 1.9.3.0.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-03-12 | CVE-2020-1739 | A flaw was found in Ansible 2.7.16 and prior, 2.8.8 and prior, and 2.9.5 and prior when a password is set with the argument "password" of svn module, it is used on svn command line, disclosing to other users within the same node. | 3.9 |
| 2020-03-11 | CVE-2020-1733 | Race Condition vulnerability in multiple products A race condition flaw was found in Ansible Engine 2.7.17 and prior, 2.8.9 and prior, 2.9.6 and prior when running a playbook with an unprivileged become user. | 5.0 |
| 2019-07-30 | CVE-2019-10156 | A flaw was discovered in the way Ansible templating was implemented in versions before 2.6.18, 2.7.12 and 2.8.2, causing the possibility of information disclosure through unexpected variable substitution. | 5.4 |
| 2018-07-31 | CVE-2016-8614 | Key Management Errors vulnerability in Redhat Ansible A flaw was found in Ansible before version 2.2.0. | 7.5 |
| 2018-07-31 | CVE-2016-8628 | Command Injection vulnerability in Redhat Ansible Ansible before version 2.2.0 fails to properly sanitize fact variables sent from the Ansible controller. | 9.1 |
| 2018-06-22 | CVE-2017-7466 | Improper Input Validation vulnerability in Redhat Ansible Ansible before version 2.3 has an input validation vulnerability in the handling of data sent from client systems. | 8.0 |
| 2018-04-24 | CVE-2016-9587 | Improper Input Validation vulnerability in multiple products Ansible before versions 2.1.4, 2.2.1 is vulnerable to an improper input validation in Ansible's handling of data sent from client systems. | 8.1 |
| 2016-06-03 | CVE-2016-3096 | Link Following vulnerability in multiple products The create_script function in the lxc_container module in Ansible before 1.9.6-1 and 2.x before 2.0.2.0 allows local users to write to arbitrary files or gain privileges via a symlink attack on (1) /opt/.lxc-attach-script, (2) the archived container in the archive_path directory, or the (3) lxc-attach-script.log or (4) lxc-attach-script.err files in the temporary directory. | 7.8 |