2.5.1

DATE	CVE	VULNERABILITY TITLE	RISK
2020-03-16	CVE-2020-1735	A flaw was found in the Ansible Engine when the fetch module is used. local low complexity redhat debian fedoraproject	4.6
2020-03-12	CVE-2020-1739	A flaw was found in Ansible 2.7.16 and prior, 2.8.8 and prior, and 2.9.5 and prior when a password is set with the argument "password" of svn module, it is used on svn command line, disclosing to other users within the same node. local low complexity redhat fedoraproject debian	3.9
2020-03-11	CVE-2020-1733	Race Condition vulnerability in multiple products A race condition flaw was found in Ansible Engine 2.7.17 and prior, 2.8.9 and prior, 2.9.6 and prior when running a playbook with an unprivileged become user. local high complexity redhat fedoraproject debian CWE-362	5.0
2019-07-30	CVE-2019-10156	A flaw was discovered in the way Ansible templating was implemented in versions before 2.6.18, 2.7.12 and 2.8.2, causing the possibility of information disclosure through unexpected variable substitution. network low complexity redhat debian	5.4
2019-03-27	CVE-2019-3828	Path Traversal vulnerability in Redhat Ansible Ansible fetch module before versions 2.5.15, 2.6.14, 2.7.8 has a path traversal vulnerability which allows copying and overwriting files outside of the specified destination in the local ansible controller host, by not restricting an absolute path. local low complexity redhat CWE-22	4.2
2019-01-03	CVE-2018-16876	Information Exposure vulnerability in multiple products ansible before versions 2.5.14, 2.6.11, 2.7.5 is vulnerable to a information disclosure flaw in vvv+ mode with no_log on that can lead to leakage of sensible data. network high complexity redhat debian suse canonical CWE-200	5.3