ansible vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the ansible package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free

Vulnerability	Vulnerable Version
L CVE-2025-14010	*
M Improper Input Validation	<5.4.0-1
M Incorrect Authorization	<5.4.0-1
L Information Exposure Through Log Files	<5.4.0-1
M Improper Encoding or Escaping of Output	<5.4.0-1
H CVE-2023-5764	<5.4.0-1
M Directory Traversal	<5.4.0-1
H CVE-2023-4237	<9.4.0+dfsg-1
H CVE-2022-3697	<7.0.0+dfsg-1
H Arbitrary Command Injection	<5.4.0-1
M Information Exposure	<5.4.0-1
M Information Exposure Through Log Files	<2.10.7+merged+base+2.10.8+dfsg-1
H Information Exposure	<2.10.7+merged+base+2.10.8+dfsg-1
M Information Exposure Through Log Files	<2.10.7-1
M Information Exposure Through Log Files	<2.10.7-1
M Information Exposure Through Log Files	<2.10.7-1
L Improper Verification of Cryptographic Signature	<2.9.13+dfsg-1
M Information Exposure Through Log Files	<2.9.13+dfsg-1
M Information Exposure Through Log Files	<2.9.13+dfsg-1
M Exposure of Resource to Wrong Sphere	<2.9.13+dfsg-1
M Use of Insufficiently Random Values	<2.9.6+dfsg-1
M Directory Traversal	<2.9.7+dfsg-1
H Arbitrary Code Injection	<2.9.7+dfsg-1
M Exposure of Resource to Wrong Sphere	<2.9.7+dfsg-1
M Information Exposure Through Log Files	<2.9.16+dfsg-1
M Information Exposure	<2.9.7+dfsg-1
L Incorrect Permission Assignment for Critical Resource	*
L Directory Traversal	<2.9.7+dfsg-1
M Exposure of Resource to Wrong Sphere	<2.9.7+dfsg-1
L OS Command Injection	*
L Information Exposure	<2.9.7+dfsg-1
M Directory Traversal	<2.9.7+dfsg-1
L Arbitrary Argument Injection	*
M Information Exposure	<2.9.7+dfsg-1
H Always-Incorrect Control Flow Implementation	<1.5.4+dfsg-1
L OS Command Injection	<2.9.4+dfsg-1
L Externally Controlled Reference to a Resource in Another Sphere	<2.9.4+dfsg-1
L Information Exposure Through Log Files	<2.9.2+dfsg-1
M Information Exposure Through Log Files	<2.8.6+dfsg-1
L Information Exposure Through Log Files	<2.8.6+dfsg-1
M Information Exposure	<2.8.6+dfsg-1
M Improper Input Validation	<2.8.6+dfsg-1
L Information Exposure	<2.8.3+dfsg-1
M Directory Traversal	<2.7.7+dfsg-1
M Information Exposure	<2.7.6+dfsg-1
H Missing Encryption of Sensitive Data	<2.7.1+dfsg-1
H Untrusted Search Path	<2.6.1+dfsg-1
H Improper Input Validation	<2.6.1+dfsg-1
M Improper Input Validation	<2.2.0.0-4
L Information Exposure Through Log Files	<2.5.5+dfsg-1
C Arbitrary Command Injection	<2.2.0.0-1
H Key Management Errors	<2.2.0.0-1
M Insufficiently Protected Credentials	<1.5.5+dfsg-1
C Improper Input Validation	<2.3.1.0+dfsg-1
C Arbitrary Code Injection	<1.6.8+dfsg-1
C Arbitrary Code Injection	<1.6.8+dfsg-1
M Insufficiently Protected Credentials	<1.5.5+dfsg-1
M Information Exposure	<1.5.5+dfsg-1
C Improper Input Validation	<1.5.5+dfsg-1
C Arbitrary Code Injection	<1.6.6+dfsg-1
H Improper Input Validation	<2.2.1.0-2
H Key Management Errors	<1.3.4+dfsg-1
H Improper Input Validation	<2.2.0.0-3
L Information Exposure Through Log Files	<2.4.2.0+dfsg-1
H Improper Input Validation	<1.7.0+dfsg-1
L Link Following	<1.9.2+dfsg-1
H Link Following	<2.0.1.0-2
L Insufficient Verification of Data Authenticity	<1.9.2+dfsg-1
L Access Restriction Bypass	<1.3.4+dfsg-1

Vulnerability

Vulnerable Version

CVE-2025-14010