Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Package Hub 15 SP1 package ansible, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (12)
CVE-2018-16837 — CVSS 7.8 (high): Ansible "User" module leaks any data which is passed on as a parameter to ssh-keygen. This could lean in undesirable situations such as…
CVE-2019-14846 — CVSS 7.8 (high): In Ansible, all Ansible Engine versions up to ansible-engine 2.8.5, ansible-engine 2.7.13, ansible-engine 2.6.19, were logging at the DEBUG…
CVE-2019-14904 — CVSS 7.3 (high): A flaw was found in the solaris_zone module from the Ansible Community modules. When setting the name for the zone on the Solaris host, the…
CVE-2019-10206 — CVSS 6.5 (medium): ansible-playbook -k and ansible cli tools, all versions 2.8.x before 2.8.4, all 2.7.x before 2.7.13 and all 2.6.x before 2.6.19, prompt…
CVE-2019-10217 — CVSS 6.5 (medium): A flaw was found in ansible 2.8.0 before 2.8.4. Fields managing sensitive data should be set as such by no_log feature. Some of these…
CVE-2019-14864 — CVSS 6.5 (medium): Ansible, versions 2.9.x before 2.9.1, 2.8.x before 2.8.7 and Ansible versions 2.7.x before 2.7.15, is not respecting the flag no_log set it…
CVE-2019-14905 — CVSS 5.6 (medium): A vulnerability was found in Ansible Engine versions 2.9.x before 2.9.3, 2.8.x before 2.8.8, 2.7.x before 2.7.16 and earlier, where in…
CVE-2019-14858 — CVSS 5.5 (medium): A vulnerability was found in Ansible engine 2.x up to 2.8 and Ansible tower 3.x up to 3.5. When a module has an argument_spec with sub…
CVE-2018-16876 — CVSS 5.3 (medium): ansible before versions 2.5.14, 2.6.11, 2.7.5 is vulnerable to a information disclosure flaw in vvv+ mode with no_log on that can lead to…
CVE-2019-3828 — CVSS 4.2 (medium): Ansible fetch module before versions 2.5.15, 2.6.14, 2.7.8 has a path traversal vulnerability which allows copying and overwriting files…
CVE-2018-16859 — CVSS 4.2 (medium): Execution of Ansible playbooks on Windows platforms with PowerShell ScriptBlock logging and Module logging enabled can allow for 'become'…