Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

Advisories

Loading...
High
GSA_kwCzR0hTQS1jcHgzLTkzdzctNDU3eM4AAvlf
amazon.aws.ec2_instance leaks passwords into logs when tower_callback.windows is set
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Published: 3 months ago
High
GSA_kwCzR0hTQS01cnJnLXJyODkteDltds4AArM7
Ansible vulnerable to Exposure of Sensitive Information
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Published: 9 months ago
Moderate
GSA_kwCzR0hTQS1jcW1yLXJjcHItY3hoM84AAiwJ
Ansible password prompts could expose passwords
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Published: 9 months ago
Moderate
GSA_kwCzR0hTQS1maDV2LTVmMzUtMnJ2Ms0zsQ
Insertion of Sensitive Information into Log File in ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Published: 11 months ago
Moderate
GSA_kwCzR0hTQS00cjY1LTM1cXEtY2g4as0wGw
Ansible discloses sensitive information in traceback error message
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Published: 11 months ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTc4NXgtcXc0di02ODcy
Improper Output Neutralization and Improper Encoding or Escaping of Output for Logs in ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Published: 12 months ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWY4NWgtMjNtZi0yZndo
Argument Injection in Ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Published: 12 months ago
Low
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXg3amgtNTk1cS13cTgy
Incorrect Permission Assignment for Critical Resource in Ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Published: 12 months ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZwOWotcmdocS04amho
Exposure of Resource to Wrong Sphere and Insecure Temporary File in Ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Published: 12 months ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWo2NjctYzJobS1mMndw
Insertion of Sensitive Information into Log File and Improper Output Neutralization for Logs in ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Published: 12 months ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWgzOXEtOTVxNS05amZw
OS Command Injection in ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Published: 12 months ago
Moderate
GSA_kwCzR0hTQS1wNzVqLXdjMzQtNTI3Y80Wdg
Exposure of Sensitive Information to an Unauthorized Actor in ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Published: over 1 year ago
High
GSA_kwCzR0hTQS0ycGZoLXE3NngtZ3d2bc0V9w
Improper Input Validation and Command Injection in Ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Published: over 1 year ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXI2aDctNXBxMi1qNzdo
Insufficiently random values in Ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Published: over 1 year ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXd2NXAtZ21tdi13aDl2
Insertion of Sensitive Information into Log File in ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Published: over 1 year ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThmNG0taGNjYy04cXBo
Insertion of Sensitive Information into Log File in ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Published: over 1 year ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWc0bXEtNmZwNS1xd2Nm
Exposure of Resource to Wrong Sphere and Insecure Temporary File in Ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Published: almost 2 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZyeGotNWoyNy1mOHJm
Externally Controlled Reference to a Resource in Another Sphere, Improper Input Validation, and External Control of File Name or Path in Ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Published: almost 2 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNjNjctZ2M0OC05ODN3
Path Traversal in Ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Published: almost 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWd3cjgtNWo4My00ODNj
OS Command Injection and Improper Input Validation in ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Published: almost 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW00MjktZmhtdi1jNnEy
Improper Verification of Cryptographic Signature
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Published: almost 2 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWoyaDYtNzN4OC0yMmM0
Exposure of Sensitive Information to an Unauthorized Actor in ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Published: almost 2 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTg5M2gtMzV2NC1teHF4
Path Traversal in Ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Published: almost 2 years ago
Low
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZjZzgtOThxOC1nN21q
Exposure of Sensitive Information to an Unauthorized Actor and Insecure Temporary File in Ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Published: almost 2 years ago
Low
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXA2MmctamhnNi12M3Jx
Code Injection, Race Condition, and Execution with Unnecessary Privileges in Ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Published: almost 2 years ago
Low
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTc3ZzMtM2o1dy02NHc0
Exposure of Resource to Wrong Sphere and Insecure Temporary File in Ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Published: almost 2 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWdmcjItcXB4aC1xajlt
Path Traversal in Ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Published: almost 2 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTg2aHAtY2o5ai0zM3Z2
Insertion of Sensitive Information into Log File, Invocation of Process Using Visible Sensitive Information, and Exposure of Sensitive Information to an Unauthorized Actor in Ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Published: almost 2 years ago
Low
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTkyM3AtZnIyYy1nNW0y
Exposure of Sensitive Information to an Unauthorized Actor in Ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Published: almost 2 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNtOTMtbTRxNi1tYzZ2
Inclusion of Sensitive Information in Log Files and Improper Output Neutralization for Logs in Ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Published: almost 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWdyZ20tcHBoNS1qNWg3
Exposure of Sensitive Information to an Unauthorized Actor in ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Published: over 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTc0dnEtaDRxOC14Nmp2
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in Ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Published: almost 4 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXc2NGMtcHhqai1oODY2
Moderate severity vulnerability that affects ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Published: over 4 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJoNngtcXZnNy1ycm1q
High severity vulnerability that affects ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Published: over 4 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTl4NnEtNTQyMy13NXY5
Ansible fails to cache SSH host keys
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Published: over 4 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXg0Y20tbTM2aC1jNnFq
Improper Input Validation in ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Published: over 4 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNtd3gtOW0yaC14N3Y0
Ansible apt_key module does not properly verify key fingerprint
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Published: over 4 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWp3Y2Mtajc4dy1qNzN3
High severity vulnerability that affects ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Published: over 4 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWpnNGYtanFtNS00bWdx
Ansible fails to properly sanitize fact variables sent from the Ansible controller
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Published: over 4 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW05NTYtZnJmNC1tMndy
Ansible is vulnerable to an improper input validation in Ansible's handling of data sent from client systems
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Published: over 4 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXc1Nzgtajk5Mi01NTR4
Ansible fails to properly mark lookup-plugin results as unsafe
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Published: over 4 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWMydzktNDhxYy1xcGo0
Code injection in ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Published: over 4 years ago
Filter by Package
tensorflow 403 tensorflow-gpu 366 tensorflow-cpu 366 apache-airflow 43 ansible 42 django 42 rdiffweb 40 Pillow 39 opencv-contrib-python 30 opencv-python 30 matrix-synapse 20 Plone 20 apache-superset 20 notebook 13 pyftpdlib 13 onionshare-cli 11 Django 11 twisted 10 vyper 10 calibreweb 9 waitress 9 opencv-python-headless 9 OctoPrint 8 pyload-ng 8 opencv-contrib-python-headless 8 urllib3 7 pillow 7 pysaml2 7 numpy 7 tensorflow-lite 7 Flask-AppBuilder 6 lief 6 ipython 6 inventree 6 python-gnupg 6 cobbler 6 wagtail 6 Zope2 6 Zope 5 bleach 5 matrix-sydent 5 salt 5 modoboa 5 tuf 5 pip 5 feedparser 5 lxml 5 cryptography 5 awsiotsdk 4 software.amazon.awssdk.iotdevicesdk:aws-iot-device-sdk 4 qutebrowser 4 scrapy 4 aws-iot-device-sdk-v2 4 nvflare 4 Flask-Security-Too 4 gerapy 4 graphite-web 4 markdown2 4 nltk 4 FreeTAKServer-UI 4 jupyter-server 4 plone.app.event 3 bitlyshortener 3 plone.app.theming 3 plone.app.dexterity 3 plone.supermodel 3 indy-node 3 ujson 3 omero-web 3 Pygments 3 Products.PluggableAuthService 3 ansible-runner 3 jupyterhub 3 fava 3 pyspark 3 requests 3 Jinja2 3 bottle 3 paramiko 3 werkzeug 3 oauthenticator 3 poetry 3 quokka 3 pyyaml 3 httpie 3 mistune 3 mitmproxy 3 Weblate 3 django-helpdesk 3 ecdsa 3 datasette 3 protobuf 3 aubio 3 moin 3 mayan-edms 3 ubi-reader 2 google/protobuf 2 typed-ast 2 github.com/protocolbuffers/protobuf 2 com.google.protobuf:protobuf-parent 2 Google.Protobuf 2 aioxmpp 2 aiohttp-session 2 SQLAlchemy 2 dompurify 2 simiki 2 parlai 2 pycrypto 2 bikeshed 2 openzeppelin-cairo-contracts 2 mako 2 plone 2 webargs 2 keystone 2 sickrage 2 py 2 aiohttp 2 rsa 2 httplib2 2 openapi-python-client 2 rpyc 2 sanic 2 wagtail-2fa 2 flask 2 ckan 2 keyring 2 petl 2 aws-encryption-sdk-cli 2 indico 2 Twisted 2 apache-iotdb 2 distributed 2 pyjwt 2 reportlab 2 html5lib 2 autobahn 2 flower 2 djangorestframework 2 untangle 2 org.apache.spark:spark-core 2 python-cjson 2 Red-DiscordBot 2 red-arrow 2 pyarrow 2 uvicorn 2 logilab-common 2 pyopenssl 2 django-sendfile2 2 websockets 2 python-ldap 2 safeurl-python 2 tryton 2 superset 2 pywasm3 2 tflite 2 paddlepaddle 2 ctx 2 guarddog 2 pgadmin4 2 roundup 2 pytorch-lightning 2 starkbank-ecdsa 2 saleor 2 python-keystoneclient 2 binwalk 2 tlslite-ng 2 FreeTAKServer 2 archivy 2 scout-browser 2 proteus 2 trytond 2 django-anymail 2 python-libnmap 2 localstack 2 gradio 2 Products.CMFPlone 2 nova 2 mailman 2 django-unicorn 2 aws-encryption-sdk 2 shuup 2 django-mfa3 1 flask-session-captcha 1 url_regex 1 xmpp-http-upload 1 blazar-dashboard 1 aleksis-core 1 ihatemoney 1 ipa 1 amundsen-frontend 1 datasette-graphql 1 py-mini-racer 1 red-dashboard 1 validators 1 Werkzeug 1 botframework-connector 1 tenable-jira-cloud 1 PyYAML 1 django-rest-registration 1 alerta-server 1 jupyter_server 1 jinja2 1 guake 1 django-photologue 1 plone.app.users 1 gunicorn 1 django-registration 1 io.github.talelin:lin-cms-core 1 Lin-CMS 1 invenio-records 1 papermerge 1 sopel-modules.weather 1 invenio-communities 1 Flask-Caching 1 asyncpg 1 supervisor 1 svglib 1 jw.util 1 contentful 1 Flask-User 1 api-res-py 1 mysql-connector-python 1 jupyter-notebook 1 xml2rfc 1 openssh-key-parser 1 swift 1 fastapi 1 Products.PasswordResetTool 1 modulemd 1 mpmath 1 python-fedora 1 exotel 1 Kotti 1 cinder 1 glance 1 PyInstaller 1 barbican 1 oslo-utils 1 onnx 1 Flask-Unchained 1 XML2Dict 1 pywin32 1 django-celery-results 1 Glances 1 future 1 django-termsandconditions 1 ladon 1 libtaxii 1 omero-figure 1 pipenv 1 mitogen 1 dnslib 1 django-cms 1 recommender-xblock 1 collective.task 1 SentineloneSDK 1 pywb 1 django-widgy 1 django-crm 1 pulsar-client 1 mat2 1 cvxopt 1 sqlite-web 1 CoAPthon 1 nbdime 1 celery 1 sqla-yaml-fixtures 1 conference-scheduler-cli 1 topydo 1 tripleo-heat-templates 1 ipycache 1 AccessControl 1 sqlparse 1 pypiserver 1 GitPython 1 pikepdf 1 pydantic 1 Scrapy 1 django-nopassword 1 cryptoauthlib 1 com.amazonaws:aws-encryption-sdk-java 1 fastecdsa 1 mkdocs 1 pybluemonday 1 github.com/microcosm-cc/bluemonday 1 rucio-webui 1 babel 1 django-two-factor-auth 1 org.apache.iotdb:iotdb-server 1 com.starkbank:ecdsa-java 1 starkbank-ecdsa 1 starkbank-ecdsa 1 mlflow 1 Shinken 1 wiki 1 apprise 1 APKLeaks 1 django-basic-auth-ip-whitelist 1 nbdime 1 yamale 1