Redhat Ansible Developer — known CVE vulnerabilities
Every CVE whose affected-product data names Redhat Ansible Developer, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (9)
CVE-2023-3971 — CVSS 7.3 (high): An HTML injection flaw was found in Controller in the user interface settings. This flaw allows an attacker to capture credentials by…
CVE-2023-5764 — CVSS 7.1 (high): A template injection flaw was found in Ansible where a user's controller internal templating operations may remove the unsafe designation…
CVE-2025-9909 — CVSS 6.7 (medium): A flaw was found in the Red Hat Ansible Automation Platform Gateway route creation component. This vulnerability allows credential theft…
CVE-2025-9907 — CVSS 6.7 (medium): A flaw was found in the Red Hat Ansible Automation Platform, Event-Driven Ansible (EDA) Event Stream API. This vulnerability allows…
CVE-2025-9908 — CVSS 6.7 (medium): A flaw was found in the Red Hat Ansible Automation Platform, Event-Driven Ansible (EDA) Event Streams. This vulnerability allows an…
CVE-2023-4380 — CVSS 6.3 (medium): A logic flaw exists in Ansible Automation platform. Whenever a private project is created with incorrect credentials, they are logged in…
CVE-2023-5115 — CVSS 6.3 (medium): An absolute path traversal attack exists in the Ansible automation platform. This flaw allows an attacker to craft a malicious Ansible role…
CVE-2024-10033 — CVSS 6.1 (medium): A vulnerability was found in aap-gateway. A Cross-site Scripting (XSS) vulnerability exists in the gateway component. This flaw allows a…
CVE-2024-0690 — CVSS 5.0 (medium): An information disclosure flaw was found in ansible-core due to a failure to respect the ANSIBLE_NO_LOG configuration in some scenarios…