11.1.0
11 years ago
19 days ago
Known vulnerabilities in the ansible package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for freeVulnerability | Vulnerable Version |
---|---|
ansible is a simple IT automation system. Affected versions of this package are vulnerable to Credential Exposure in How to fix Credential Exposure? Upgrade | [2.5.0,7.0.0) |
ansible is a simple IT automation system. Affected versions of this package are vulnerable to Information Exposure where user credentials are disclosed by default in the traceback error message of How to fix Information Exposure? Upgrade | [,2.9.27) |
ansible is a simple IT automation system. Affected versions of this package are vulnerable to Command Injection. If a user is trying to put templates in multi-line yaml strings and the facts being handled don't routinely include special template characters, then their controller will be vulnerable to a template injection through the facts used in template. How to fix Command Injection? Upgrade | [,2.9.23) |
ansible is a simple IT automation system. Affected versions of this package are vulnerable to Information Exposure. In several modules parameters containing credentials are being logged in plain-text on managed nodes, as well as being made visible on the controller node when run in verbose mode. These parameters were not protected by the How to fix Information Exposure? Upgrade | [0,2.8.20)[2.9.0,2.9.20) |
ansible is a simple IT automation system. Affected versions of this package are vulnerable to Information Exposure. It leaks sensitive info such as secret values. This could lead in disclosing those credentials for every user which has access to the output of playbook execution. How to fix Information Exposure? Upgrade | [,2.8.19)[2.9.0,2.9.18) |
ansible is a simple IT automation system. Affected versions of this package are vulnerable to Information Exposure. The return value of a specific module i.e. How to fix Information Exposure? Upgrade | [,2.8.19)[2.9.0,2.9.18)[2.10.0,2.10.7) |
ansible is a simple IT automation system. Affected versions of this package are vulnerable to Information Exposure. How to fix Information Exposure? Upgrade | [,2.8.19)[2.9.0,2.9.18) |
ansible is a simple IT automation system. Affected versions of this package are vulnerable to Information Exposure. A few different modules in Ansible-collection leaks sensitive data such as secret values. This could lead in disclosing those credentials for every user which has access to the output of playbook execution. How to fix Information Exposure? Upgrade | [,2.8.19)[2.9.0,2.9.18) |