Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

pypi ansible Security Advisories

Browse all Security Advisories for pypi ansible

Loading...
Moderate
GSA_kwCzR0hTQS1qcHZ3LXA4cHItOWcyeM4AA4D9
Ansible symlink attack vulnerability
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 26.3
Published: 11 months ago
High
GSA_kwCzR0hTQS1jcHgzLTkzdzctNDU3eM4AAvlf
Ansible leaks password to logs
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 31.3
Published: about 2 years ago
High
GSA_kwCzR0hTQS01cnJnLXJyODkteDltds4AArM7
Ansible Exposes Sensitive Information
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 31.3
Published: over 2 years ago
Critical
GSA_kwCzR0hTQS02NmM3LTVwd3YtbW0zas4AArAK
Ansible Code Injection Vulnerability
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 40.8
Published: over 2 years ago
High
GSA_kwCzR0hTQS02ZnEyLXg2NXYtdjloN84AAiyz
Ansible password prompts could expose passwords
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 27.1
Published: over 2 years ago
High
GSA_kwCzR0hTQS1jcW1yLXJjcHItY3hoM84AAiwJ
Ansible password prompts could expose passwords
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 27.1
Published: over 2 years ago
Moderate
GSA_kwCzR0hTQS1oNjUzLTk1cXctaDJtcM4AAiYA
Ansible leaks sensitive information to logs when told not to
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 22.9
Published: over 2 years ago
High
GSA_kwCzR0hTQS1wbTQ4LWN2djItMjlxNc4AAiSN
Ansible Uses Plugins That Disclose Credentials
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 32.5
Published: over 2 years ago
Critical
GSA_kwCzR0hTQS1xZzQ3LTVweDktMzJnN84AAgXC
Ansible Remote Code Execution
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 40.8
Published: over 2 years ago
Moderate
GSA_kwCzR0hTQS01eG00LWptcHctcDZqM84AAgXF
Ansible discloses credential information
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 22.9
Published: over 2 years ago
Moderate
GSA_kwCzR0hTQS01ZzR2LTJwYzYtNGhoNM4AAgXD
Ansible Sensitive Files Are Locally Readable
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 22.9
Published: over 2 years ago
Moderate
GSA_kwCzR0hTQS02NjY3LWY0NnAtcGc4OM4AAgXE
Ansible sets unsafe permissions for sources.list
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 22.9
Published: over 2 years ago
Critical
GSA_kwCzR0hTQS13cXE1LWM4OXAtM3djM84AAgWx
Ansible Arbitrary Code Execution
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 40.8
Published: over 2 years ago
Critical
GSA_kwCzR0hTQS02NGN3LW01N2otNjV4as4AAgWy
Ansible Arbitrary Code Execution
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 40.8
Published: over 2 years ago
High
GSA_kwCzR0hTQS00OW01LTI4MzgtcTJyds4AAgUo
Ansible unsafe evaluation of some strings
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 31.3
Published: over 2 years ago
High
GSA_kwCzR0hTQS00Y3ZtLTU3NzYtang5Zs4AAU8V
Ansible Arbitrary Code Execution
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 36.7
Published: over 2 years ago
Moderate
GSA_kwCzR0hTQS1wY3F2LWM0NnYtMnA0ds4AAU8C
Ansible Arbitrary File Overwrite Vulnerability
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 25.8
Published: over 2 years ago
Moderate
GSA_kwCzR0hTQS12NzM1LTJwcDYtaDg2cs4AATtv
Ansible Logs Passwords If PowerShell ScriptBlock is Enabled
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 18.3
Published: over 2 years ago
High
GSA_kwCzR0hTQS13d3doLTQ3d3AtbTUyMs4AATHG
Ansible Sandbox Escape via Symlink Attack
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 32.5
Published: over 2 years ago
High
GSA_kwCzR0hTQS1od3JtLTYzdjItNDJnNM4AASvc
Ansible Leaks Data Passed to ssh-keygen
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 32.5
Published: over 2 years ago
High
GSA_kwCzR0hTQS1mYzRoLTQ2N3ctNDZyaM3uLg
Ansible Arbitrary Code Execution
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 32.5
Published: over 2 years ago
High
GSA_kwCzR0hTQS0zeHZnLXg0N2oteDc1d83uSg
Ansible Improper Input Validation vulnerability
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 32.5
Published: over 2 years ago
High
GSA_kwCzR0hTQS1qNTY5LWZnaHctZjlyeM3uUg
Ansible sensitive information disclosure
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 22.1
Published: over 2 years ago
High
GSA_kwCzR0hTQS0zbThwLXhwbTYtOHd3M83uRQ
Ansible Arbitrary Code Execution
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 33.3
Published: over 2 years ago
Critical
GSA_kwCzR0hTQS01ODh3LXc2bXYtM2N3Nc3sUg
Ansible Insertion of Sensitive Information into Log File vulnerability
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 40.8
Published: over 2 years ago
Moderate
GSA_kwCzR0hTQS1maDV2LTVmMzUtMnJ2Ms0zsQ
Insertion of Sensitive Information into Log File in ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 22.9
Published: over 2 years ago
Moderate
GSA_kwCzR0hTQS00cjY1LTM1cXEtY2g4as0wGw
Ansible discloses sensitive information in traceback error message
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 22.9
Published: over 2 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTc4NXgtcXc0di02ODcy
Improper Output Neutralization and Improper Encoding or Escaping of Output for Logs in ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 22.9
Published: almost 3 years ago
Low
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWY4NWgtMjNtZi0yZndo
Argument Injection in Ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 16.3
Published: almost 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXg3amgtNTk1cS13cTgy
Incorrect Permission Assignment for Critical Resource in Ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 13.8
Published: almost 3 years ago
Low
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZwOWotcmdocS04amho
Exposure of Resource to Wrong Sphere and Insecure Temporary File in Ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 20.8
Published: almost 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWo2NjctYzJobS1mMndw
Insertion of Sensitive Information into Log File and Improper Output Neutralization for Logs in ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 22.9
Published: almost 3 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWgzOXEtOTVxNS05amZw
OS Command Injection in ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 30.8
Published: almost 3 years ago
High
GSA_kwCzR0hTQS1wNzVqLXdjMzQtNTI3Y80Wdg
Exposure of Sensitive Information to an Unauthorized Actor in ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 27.1
Published: about 3 years ago
High
GSA_kwCzR0hTQS0ycGZoLXE3NngtZ3d2bc0V9w
Improper Input Validation and Command Injection in Ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 29.6
Published: about 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXI2aDctNXBxMi1qNzdo
Insufficiently random values in Ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 20.8
Published: over 3 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXd2NXAtZ21tdi13aDl2
Insertion of Sensitive Information into Log File in ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 22.9
Published: over 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThmNG0taGNjYy04cXBo
Insertion of Sensitive Information into Log File in ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 22.9
Published: over 3 years ago
Low
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWc0bXEtNmZwNS1xd2Nm
Ansible vulnerable to Exposure of Resource to Wrong Sphere and Insecure Temporary File
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 20.8
Published: over 3 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZyeGotNWoyNy1mOHJm
Externally Controlled Reference to a Resource in Another Sphere, Improper Input Validation, and External Control of File Name or Path in Ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 23.3
Published: over 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNjNjctZ2M0OC05ODN3
Path Traversal in Ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 21.7
Published: over 3 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWd3cjgtNWo4My00ODNj
OS Command Injection and Improper Input Validation in ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 30.4
Published: over 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW00MjktZmhtdi1jNnEy
Improper Verification of Cryptographic Signature in ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 29.6
Published: over 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWoyaDYtNzN4OC0yMmM0
Exposure of Sensitive Information to an Unauthorized Actor in ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 20.8
Published: over 3 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTg5M2gtMzV2NC1teHF4
Path Traversal in Ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 32.5
Published: over 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZjZzgtOThxOC1nN21q
Exposure of Sensitive Information to an Unauthorized Actor and Insecure Temporary File in Ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 19.6
Published: over 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXA2MmctamhnNi12M3Jx
Code Injection, Race Condition, and Execution with Unnecessary Privileges in Ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 29.6
Published: over 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTc3ZzMtM2o1dy02NHc0
Exposure of Resource to Wrong Sphere and Insecure Temporary File in Ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 22.9
Published: over 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWdmcjItcXB4aC1xajlt
Path Traversal in Ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 19.2
Published: over 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTg2aHAtY2o5ai0zM3Z2
Insertion of Sensitive Information into Log File, Invocation of Process Using Visible Sensitive Information, and Exposure of Sensitive Information to an Unauthorized Actor in Ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 22.9
Published: over 3 years ago
Low
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTkyM3AtZnIyYy1nNW0y
Exposure of Sensitive Information to an Unauthorized Actor in Ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 16.3
Published: over 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNtOTMtbTRxNi1tYzZ2
Inclusion of Sensitive Information in Log Files and Improper Output Neutralization for Logs in Ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 27.1
Published: over 4 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWdyZ20tcHBoNS1qNWg3
Exposure of Sensitive Information to an Unauthorized Actor in ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 22.5
Published: over 5 years ago
Low
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTc0dnEtaDRxOC14Nmp2
Ansible Path Traversal vulnerability
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 17.5
Published: over 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXc2NGMtcHhqai1oODY2
Ansible does not verify that the server hostname matches a domain name in certificates
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 31.3
Published: about 6 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJoNngtcXZnNy1ycm1q
Link Following in ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 32.5
Published: about 6 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTl4NnEtNTQyMy13NXY5
Ansible fails to cache SSH host keys
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 30.8
Published: about 6 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXg0Y20tbTM2aC1jNnFq
Improper Input Validation in ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 20.4
Published: about 6 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNtd3gtOW0yaC14N3Y0
Ansible apt_key module does not properly verify key fingerprint
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 31.3
Published: about 6 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWp3Y2Mtajc4dy1qNzN3
Ansible exposes sensitive data in log files and on the terminal
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 24.6
Published: about 6 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWpnNGYtanFtNS00bWdx
Ansible fails to properly sanitize fact variables sent from the Ansible controller
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 37.9
Published: about 6 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW05NTYtZnJmNC1tMndy
Ansible is vulnerable to an improper input validation in Ansible's handling of data sent from client systems
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 33.8
Published: about 6 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXc1Nzgtajk5Mi01NTR4
Ansible fails to properly mark lookup-plugin results as unsafe
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 40.8
Published: about 6 years ago
Statistics
Advisories: 20,668
Packages: 9,040
Repositories: 6
Ecosystems: 12
Filter by Severity
Moderate 8,836 High 7,269 Critical 3,070 Low 1,144
Filter by Ecosystem
maven 5,864 packagist 4,634 pypi 4,352 npm 3,812 go 2,295 nuget 1,552 cargo 882 rubygems 880 swift 33 hex 32 actions 20 pub 9
Filter by Package
tensorflow 433 tensorflow-gpu 427 tensorflow-cpu 423 Django 100 apache-airflow 85 Plone 72 ansible 63 salt 56 apache-superset 51 nova 47 mlflow 46 django 44 rdiffweb 42 plone 41 vyper 38 moin 35 matrix-synapse 35 gradio 34 keystone 31 opencv-python 31 opencv-contrib-python 31 Pillow 31 pillow 26 glance 20 langchain 20 mercurial 18 mindsdb 18 cobbler 18 notebook 17 pyload-ng 16 neutron 16 cryptography 16 paddlepaddle 16 PaddlePaddle 16 OctoPrint 15 calibreweb 15 ethyca-fides 15 modoboa 14 aiohttp 14 pyftpdlib 14 lollms 14 vantage6 13 wagtail 12 urllib3 12 zenml 12 twisted 12 swift 12 roundup 12 waitress 11 onionshare-cli 11 horizon 11 trytond 11 nautobot 10 Flask-AppBuilder 10 sentry 10 opencv-python-headless 10 opencv-contrib-python-headless 10 cinder 9 pyspark 9 kiwitcms 9 ryu 9 python-keystoneclient 9 zope 9 Zope 8 ckan 8 litellm 8 trac 8 numpy 8 pgadmin4 8 ipython 8 aubio 8 label-studio 8 scrapy 7 lief 7 matrix-sydent 7 inventree 7 Products.CMFPlone 7 pysaml2 7 jupyter-server 7 pip 7 requests 6 Zope2 6 tuf 6 Moin 6 yt-dlp 6 changedetection.io 6 web2py 6 apache-airflow-providers-apache-hive 6 graphite-web 6 aim 6 ansible-core 6 mailman 6 lxml 6 tornado 6 mage-ai 6 pretix 5 feedparser 5 jupyterhub 5 grpc 5 Jinja2 5 omero-web 5 grpcio 5 ait-core 5 bleach 5 torchserve 5 nltk 5 oauthenticator 5 lmdb 5 dtale 5 Werkzeug 5 whoogle-search 5 python-gnupg 5 langchain-experimental 5 saleor 5 paramiko 5 werkzeug 5 GitPython 4 Nova 4 langflow 4 tripleo-heat-templates 4 Flask-Security-Too 4 mobsf 4 keylime 4 buildbot 4 Scrapy 4 awsiotsdk 4 aws-iot-device-sdk-v2 4 software.amazon.awssdk.iotdevicesdk:aws-iot-device-sdk 4 Radicale 4 apache-iotdb 4 langchain-community 4 reportlab 4 jwcrypto 4 jupyterlab 4 wasmtime 4 markdown2 4 codechecker 4 indico 4 esphome 4 transformers 4 dbt-core 4 apache-submarine 4 onnx 4 FreeTAKServer-UI 4 pywasm3 4 qutebrowser 4 streamlit 4 nvflare 4 barbican 4 Weblate 4 Keystone 4 PyPDF2 4 open-webui 4 httpie 4 indy-node 4 bottle 4 Pygments 4 quokka 3 bitlyshortener 3 openc3 3 apache-airflow-providers-apache-spark 3 slixmpp 3 ecdsa 3 anki 3 SQLAlchemy 3 fava 3 openc3 3 wger 3 ansible-runner 3 asyncua 3 Products.PluggableAuthService 3 io.grpc:grpc-protobuf 3 llama-index 3 llama-index-core 3 certifi 3 pandasai 3 tinymce/tinymce 3 TinyMCE 3 ajenti 3 asyncssh 3 AccessControl 3 django-tinymce 3 docassemble.webapp 3 clearml 3 pyarrow 3 dulwich 3 tinymce 3 rsa 3 ray 3 vanna 3 keystonemiddleware 3 mysql-connector-python 3 protobuf 3 h2o 3 apache-libcloud 3 sanic 3 torch 3 python-jose 3 mitmproxy 3 sosreport 3
Filter by Repository
https://github.com/ansible/ansible 54 https://github.com/ansible/ansible-modules-core 2 https://github.com/ansible-collections/kubernetes 1 https://github.com/ansible-collections/amazon.aws 1 https://github.com/ansible/ansible-modules-extras 1