Vulnerabilities > Redhat > Ansible > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-02-06 CVE-2024-0690 Improper Encoding or Escaping of Output vulnerability in multiple products
An information disclosure flaw was found in ansible-core due to a failure to respect the ANSIBLE_NO_LOG configuration in some scenarios.
local
low complexity
redhat fedoraproject CWE-116
5.5
2022-03-16 CVE-2021-20180 Information Exposure Through Log Files vulnerability in Redhat Ansible
A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucket_pipeline_variable module.
local
low complexity
redhat CWE-532
5.5
2021-05-26 CVE-2021-20191 A flaw was found in ansible.
local
low complexity
oracle redhat
5.5
2021-05-26 CVE-2021-20178 A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucket_pipeline_variable module.
local
low complexity
redhat fedoraproject
5.5
2021-04-01 CVE-2021-3447 A flaw was found in several ansible modules, where parameters containing credentials, such as secrets, were being logged in plain-text on managed nodes, as well as being made visible on the controller node when run in verbose mode.
local
low complexity
redhat fedoraproject
5.5
2020-10-05 CVE-2020-25635 Improper Cross-boundary Removal of Sensitive Data vulnerability in Redhat Ansible 2.10.1
A flaw was found in Ansible Base when using the aws_ssm connection plugin as garbage collector is not happening after playbook run is completed.
local
low complexity
redhat CWE-212
5.5
2020-05-15 CVE-2020-10744 Race Condition vulnerability in Redhat Ansible and Ansible Tower
An incomplete fix was found for the fix of the flaw CVE-2020-1733 ansible: insecure temporary directory when running become_user from become directive.
local
high complexity
redhat CWE-362
5.0
2020-03-16 CVE-2020-1740 A flaw was found in Ansible Engine when using Ansible Vault for editing encrypted files.
local
high complexity
redhat debian fedoraproject
4.7
2020-03-16 CVE-2020-1735 A flaw was found in the Ansible Engine when the fetch module is used.
local
low complexity
redhat debian fedoraproject
4.6
2020-03-11 CVE-2020-1733 Race Condition vulnerability in multiple products
A race condition flaw was found in Ansible Engine 2.7.17 and prior, 2.8.9 and prior, 2.9.6 and prior when running a playbook with an unprivileged become user.
local
high complexity
redhat fedoraproject debian CWE-362
5.0