Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

pypi ansible Security Advisories

Loading...
Moderate
GSA_kwCzR0hTQS1qcHZ3LXA4cHItOWcyeM4AA4D9
Ansible symlink attack vulnerability
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 26.3
Published: 7 months ago
High
GSA_kwCzR0hTQS1jcHgzLTkzdzctNDU3eM4AAvlf
Ansible leaks password to logs
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 31.3
Published: over 1 year ago
High
GSA_kwCzR0hTQS01cnJnLXJyODkteDltds4AArM7
Ansible Exposes Sensitive Information
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 31.3
Published: about 2 years ago
Critical
GSA_kwCzR0hTQS02NmM3LTVwd3YtbW0zas4AArAK
Ansible Code Injection Vulnerability
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 40.8
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS02ZnEyLXg2NXYtdjloN84AAiyz
Ansible password prompts could expose passwords
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 27.1
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1jcW1yLXJjcHItY3hoM84AAiwJ
Ansible password prompts could expose passwords
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 27.1
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1oNjUzLTk1cXctaDJtcM4AAiYA
Ansible leaks sensitive information to logs when told not to
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 22.9
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS02NjY3LWY0NnAtcGc4OM4AAgXE
Ansible sets unsafe permissions for sources.list
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 22.9
Published: about 2 years ago
Critical
GSA_kwCzR0hTQS1xZzQ3LTVweDktMzJnN84AAgXC
Ansible Remote Code Execution
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 40.8
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS01ZzR2LTJwYzYtNGhoNM4AAgXD
Ansible Sensitive Files Are Locally Readable
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 22.9
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS01eG00LWptcHctcDZqM84AAgXF
Ansible discloses credential information
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 22.9
Published: about 2 years ago
Critical
GSA_kwCzR0hTQS02NGN3LW01N2otNjV4as4AAgWy
Ansible Arbitrary Code Execution
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 40.8
Published: about 2 years ago
Critical
GSA_kwCzR0hTQS13cXE1LWM4OXAtM3djM84AAgWx
Ansible Arbitrary Code Execution
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 40.8
Published: about 2 years ago
High
GSA_kwCzR0hTQS00OW01LTI4MzgtcTJyds4AAgUo
Ansible unsafe evaluation of some strings
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 31.3
Published: about 2 years ago
High
GSA_kwCzR0hTQS00Y3ZtLTU3NzYtang5Zs4AAU8V
Ansible Arbitrary Code Execution
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 36.7
Published: about 2 years ago
Low
GSA_kwCzR0hTQS1wY3F2LWM0NnYtMnA0ds4AAU8C
Ansible Arbitrary File Overwrite Vulnerability
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS12NzM1LTJwcDYtaDg2cs4AATtv
Ansible Logs Passwords If PowerShell ScriptBlock is Enabled
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 18.3
Published: about 2 years ago
High
GSA_kwCzR0hTQS13d3doLTQ3d3AtbTUyMs4AATHG
Ansible Sandbox Escape via Symlink Attack
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 32.5
Published: about 2 years ago
High
GSA_kwCzR0hTQS1od3JtLTYzdjItNDJnNM4AASvc
Ansible Leaks Data Passed to ssh-keygen
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 32.5
Published: about 2 years ago
High
GSA_kwCzR0hTQS1mYzRoLTQ2N3ctNDZyaM3uLg
Ansible Arbitrary Code Execution
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 32.5
Published: about 2 years ago
High
GSA_kwCzR0hTQS0zeHZnLXg0N2oteDc1d83uSg
Ansible Improper Input Validation vulnerability
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 32.5
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1qNTY5LWZnaHctZjlyeM3uUg
Ansible sensitive information disclosure
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 22.1
Published: about 2 years ago
High
GSA_kwCzR0hTQS0zbThwLXhwbTYtOHd3M83uRQ
Ansible Arbitrary Code Execution
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 33.3
Published: about 2 years ago
Critical
GSA_kwCzR0hTQS01ODh3LXc2bXYtM2N3Nc3sUg
Ansible Insertion of Sensitive Information into Log File vulnerability
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 40.8
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1maDV2LTVmMzUtMnJ2Ms0zsQ
Insertion of Sensitive Information into Log File in ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 22.9
Published: over 2 years ago
Moderate
GSA_kwCzR0hTQS00cjY1LTM1cXEtY2g4as0wGw
Ansible discloses sensitive information in traceback error message
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 22.9
Published: over 2 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTc4NXgtcXc0di02ODcy
Improper Output Neutralization and Improper Encoding or Escaping of Output for Logs in ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 22.9
Published: over 2 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWY4NWgtMjNtZi0yZndo
Argument Injection in Ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 16.3
Published: over 2 years ago
Low
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXg3amgtNTk1cS13cTgy
Incorrect Permission Assignment for Critical Resource in Ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 13.8
Published: over 2 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZwOWotcmdocS04amho
Exposure of Resource to Wrong Sphere and Insecure Temporary File in Ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 20.8
Published: over 2 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWo2NjctYzJobS1mMndw
Insertion of Sensitive Information into Log File and Improper Output Neutralization for Logs in ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 22.9
Published: over 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWgzOXEtOTVxNS05amZw
OS Command Injection in ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 30.8
Published: over 2 years ago
Moderate
GSA_kwCzR0hTQS1wNzVqLXdjMzQtNTI3Y80Wdg
Exposure of Sensitive Information to an Unauthorized Actor in ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 27.1
Published: over 2 years ago
High
GSA_kwCzR0hTQS0ycGZoLXE3NngtZ3d2bc0V9w
Improper Input Validation and Command Injection in Ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 29.6
Published: almost 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXI2aDctNXBxMi1qNzdo
Insufficiently random values in Ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 20.8
Published: about 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXd2NXAtZ21tdi13aDl2
Insertion of Sensitive Information into Log File in ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 22.9
Published: about 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThmNG0taGNjYy04cXBo
Insertion of Sensitive Information into Log File in ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 22.9
Published: about 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWc0bXEtNmZwNS1xd2Nm
Exposure of Resource to Wrong Sphere and Insecure Temporary File in Ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 20.8
Published: about 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZyeGotNWoyNy1mOHJm
Externally Controlled Reference to a Resource in Another Sphere, Improper Input Validation, and External Control of File Name or Path in Ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 23.3
Published: about 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNjNjctZ2M0OC05ODN3
Path Traversal in Ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 21.7
Published: about 3 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWd3cjgtNWo4My00ODNj
OS Command Injection and Improper Input Validation in ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 30.4
Published: about 3 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW00MjktZmhtdi1jNnEy
Improper Verification of Cryptographic Signature in ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 29.6
Published: about 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWoyaDYtNzN4OC0yMmM0
Exposure of Sensitive Information to an Unauthorized Actor in ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 20.8
Published: about 3 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTg5M2gtMzV2NC1teHF4
Path Traversal in Ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 32.5
Published: about 3 years ago
Low
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZjZzgtOThxOC1nN21q
Exposure of Sensitive Information to an Unauthorized Actor and Insecure Temporary File in Ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 19.6
Published: over 3 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXA2MmctamhnNi12M3Jx
Code Injection, Race Condition, and Execution with Unnecessary Privileges in Ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 29.6
Published: over 3 years ago
Low
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTc3ZzMtM2o1dy02NHc0
Exposure of Resource to Wrong Sphere and Insecure Temporary File in Ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 22.9
Published: over 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWdmcjItcXB4aC1xajlt
Path Traversal in Ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 19.2
Published: over 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTg2aHAtY2o5ai0zM3Z2
Insertion of Sensitive Information into Log File, Invocation of Process Using Visible Sensitive Information, and Exposure of Sensitive Information to an Unauthorized Actor in Ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 22.9
Published: over 3 years ago
Low
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTkyM3AtZnIyYy1nNW0y
Exposure of Sensitive Information to an Unauthorized Actor in Ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 16.3
Published: over 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNtOTMtbTRxNi1tYzZ2
Inclusion of Sensitive Information in Log Files and Improper Output Neutralization for Logs in Ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 27.1
Published: over 4 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWdyZ20tcHBoNS1qNWg3
Exposure of Sensitive Information to an Unauthorized Actor in ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 22.5
Published: almost 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTc0dnEtaDRxOC14Nmp2
Ansible Path Traversal vulnerability
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 17.5
Published: about 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXc2NGMtcHhqai1oODY2
Ansible does not verify that the server hostname matches a domain name in certificates
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 6 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJoNngtcXZnNy1ycm1q
Link Following in ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 32.5
Published: almost 6 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTl4NnEtNTQyMy13NXY5
Ansible fails to cache SSH host keys
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 30.8
Published: almost 6 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXg0Y20tbTM2aC1jNnFq
Improper Input Validation in ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 20.4
Published: almost 6 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNtd3gtOW0yaC14N3Y0
Ansible apt_key module does not properly verify key fingerprint
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 31.3
Published: almost 6 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWp3Y2Mtajc4dy1qNzN3
Ansible exposes sensitive data in log files and on the terminal
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 24.6
Published: almost 6 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWpnNGYtanFtNS00bWdx
Ansible fails to properly sanitize fact variables sent from the Ansible controller
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 37.9
Published: almost 6 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW05NTYtZnJmNC1tMndy
Ansible is vulnerable to an improper input validation in Ansible's handling of data sent from client systems
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 33.8
Published: almost 6 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXc1Nzgtajk5Mi01NTR4
Ansible fails to properly mark lookup-plugin results as unsafe
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 40.8
Published: almost 6 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWMydzktNDhxYy1xcGo0
Code injection in ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 32.5
Published: almost 6 years ago
Statistics
Advisories: 19,479
Packages: 8,596
Repositories: 8
Ecosystems: 12
Filter by Package
tensorflow 432 tensorflow-cpu 387 tensorflow-gpu 384 apache-airflow 80 django 80 ansible 63 salt 55 Plone 52 apache-superset 50 nova 47 mlflow 46 plone 43 rdiffweb 42 Pillow 41 vyper 38 Django 36 moin 35 matrix-synapse 35 keystone 31 opencv-contrib-python 30 opencv-python 30 glance 20 langchain 19 gradio 18 cobbler 17 mercurial 17 PaddlePaddle 17 pillow 16 neutron 16 cryptography 15 paddlepaddle 15 notebook 15 modoboa 14 pyftpdlib 14 pyload-ng 14 OctoPrint 13 vantage6 13 ethyca-fides 13 urllib3 12 swift 12 wagtail 12 calibreweb 11 twisted 11 horizon 11 zenml 11 onionshare-cli 11 aiohttp 11 trytond 10 Flask-AppBuilder 10 nautobot 10 ryu 9 waitress 9 cinder 9 opencv-python-headless 9 opencv-contrib-python-headless 9 Zope 9 kiwitcms 9 zope 9 roundup 9 numpy 8 trac 8 python-keystoneclient 8 aubio 8 label-studio 8 pysaml2 7 scrapy 7 jupyter-server 7 lief 7 pgadmin4 7 sentry 7 matrix-sydent 7 ipython 7 pip 7 litellm 7 lollms 7 web2py 6 tornado 6 mindsdb 6 inventree 6 Moin 6 tuf 6 yt-dlp 6 requests 6 lxml 6 graphite-web 6 apache-airflow-providers-apache-hive 6 Zope2 6 mailman 6 python-gnupg 5 nltk 5 omero-web 5 Jinja2 5 pyspark 5 ckan 5 Products.CMFPlone 5 lmdb 5 saleor 5 feedparser 5 oauthenticator 5 whoogle-search 5 bleach 5 paramiko 5 markdown2 4 Scrapy 4 jupyterhub 4 Radicale 4 qutebrowser 4 PyPDF2 4 transformers 4 FreeTAKServer-UI 4 GitPython 4 reportlab 4 keylime 4 Pygments 4 buildbot 4 httpie 4 esphome 4 Weblate 4 tripleo-heat-templates 4 pretix 4 awsiotsdk 4 aws-iot-device-sdk-v2 4 software.amazon.awssdk.iotdevicesdk:aws-iot-device-sdk 4 jwcrypto 4 bottle 4 grpcio 4 grpc 4 starlette 4 werkzeug 4 Flask-Security-Too 4 ansible-core 4 datasette 4 Keystone 4 Werkzeug 4 barbican 4 nvflare 4 apache-iotdb 3 rsa 3 copyparty 3 fava 3 flask 3 apache-airflow-providers-apache-spark 3 pyyaml 3 Nova 3 SQLAlchemy 3 apache-libcloud 3 vanna 3 Kallithea 3 langchain-experimental 3 mitmproxy 3 mayan-edms 3 pandasai 3 certifi 3 protobuf 3 indico 3 ray 3 streamlit 3 dtale 3 asyncssh 3 keyring 3 pyarrow 3 changedetection.io 3 wger 3 asyncua 3 ajenti 3 dbt-core 3 sanic 3 scikit-learn 3 llama-index 3 ansible-runner 3 dulwich 3 octavia 3 slixmpp 3 clearml 3 docassemble.webapp 3 quokka 3 pycrypto 3 plone.app.event 3 plone.app.theming 3 plone.app.dexterity 3 plone.supermodel 3 Red-DiscordBot 3 django-helpdesk 3 sqlparse 3 ujson 3 jupyter-server-proxy 3 io.grpc:grpc-protobuf 3 Mezzanine 3 sickrage 3 sosreport 3 httplib2 3 torchserve 3 homeassistant 3 onnx 3 python-jose 3 jupyterlab 3 poetry 3 localstack 3 mistune 3 openvpn-monitor 3