Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:pypi/ansible@2.10.0a4
Typepypi
Namespace
Nameansible
Version2.10.0a4
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version12.0.0
Latest_non_vulnerable_version12.2.0
Affected_by_vulnerabilities
0
url VCID-4yvf-k192-9fca
vulnerability_id VCID-4yvf-k192-9fca
summary A flaw was found in Ansible if an ansible user sets ANSIBLE_ASYNC_DIR to a subdirectory of a world writable directory. When this occurs, there is a race condition on the managed machine. A malicious, non-privileged account on the remote machine can exploit the race condition to access the async result data. This flaw affects Ansible Tower 3.7 and Ansible Automation Platform 1.2.
references
0
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1956477
reference_id
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1956477
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://security.archlinux.org/AVG-2056
reference_id AVG-2056
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2056
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-3533
reference_id CVE-2021-3533
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2021-3533
fixed_packages
0
url pkg:pypi/ansible@3.0.0
purl pkg:pypi/ansible@3.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qbdk-hxhg-wbh4
1
vulnerability VCID-ujbp-cc1r-wfe9
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@3.0.0
aliases CVE-2021-3533, PYSEC-2021-126
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4yvf-k192-9fca
1
url VCID-682j-e2pu-1uee
vulnerability_id VCID-682j-e2pu-1uee
summary 
Improper Neutralization of Special Elements Used in a Template Engine
A template injection flaw was found in Ansible where a user's controller internal templating operations may remove the unsafe designation from template data. This issue could allow an attacker to use a specially crafted file to introduce code injection when supplying templating data.
references
0
reference_url https://access.redhat.com/errata/RHSA-2023:7773
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
1
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T03:55:28Z/
url https://access.redhat.com/errata/RHSA-2023:7773
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5764.json
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5764.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-5764
reference_id
reference_type
scores
0
value 0.00071
scoring_system epss
scoring_elements 0.2163
published_at 2026-04-08T12:55:00Z
1
value 0.00071
scoring_system epss
scoring_elements 0.21687
published_at 2026-04-09T12:55:00Z
2
value 0.00071
scoring_system epss
scoring_elements 0.21801
published_at 2026-04-04T12:55:00Z
3
value 0.00071
scoring_system epss
scoring_elements 0.21552
published_at 2026-04-07T12:55:00Z
4
value 0.00071
scoring_system epss
scoring_elements 0.21699
published_at 2026-04-11T12:55:00Z
5
value 0.00071
scoring_system epss
scoring_elements 0.21746
published_at 2026-04-02T12:55:00Z
6
value 0.00071
scoring_system epss
scoring_elements 0.2166
published_at 2026-04-12T12:55:00Z
7
value 0.00071
scoring_system epss
scoring_elements 0.21603
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-5764
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2247629
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
1
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T03:55:28Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2247629
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5764
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5764
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://github.com/ansible/ansible
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible
7
reference_url https://github.com/ansible/ansible/commit/270b39f6ff02511a2199505161218cbd1a5ae34f
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/270b39f6ff02511a2199505161218cbd1a5ae34f
8
reference_url https://github.com/ansible/ansible/commit/7239d2d371bc6e274cbb7314e01431adce6ae25a
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/7239d2d371bc6e274cbb7314e01431adce6ae25a
9
reference_url https://github.com/ansible/ansible/commit/fea130480d261ea5bf6fcd5cf19a348f1686ceb1
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/fea130480d261ea5bf6fcd5cf19a348f1686ceb1
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X7Q6CHPVCHMZS5M7V22GOKFSXZAQ24EU
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X7Q6CHPVCHMZS5M7V22GOKFSXZAQ24EU
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X7Q6CHPVCHMZS5M7V22GOKFSXZAQ24EU/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X7Q6CHPVCHMZS5M7V22GOKFSXZAQ24EU/
12
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1057427
reference_id 1057427
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1057427
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform:2.4::el8
reference_id cpe:/a:redhat:ansible_automation_platform:2.4::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform:2.4::el8
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform:2.4::el9
reference_id cpe:/a:redhat:ansible_automation_platform:2.4::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform:2.4::el9
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8
reference_id cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9
reference_id cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8
reference_id cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9
reference_id cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9
19
reference_url https://access.redhat.com/security/cve/CVE-2023-5764
reference_id CVE-2023-5764
reference_type
scores
0
value 6.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
1
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T03:55:28Z/
url https://access.redhat.com/security/cve/CVE-2023-5764
20
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-5764
reference_id CVE-2023-5764
reference_type
scores
0
value 6.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-5764
21
reference_url https://github.com/advisories/GHSA-7j69-qfc3-2fq9
reference_id GHSA-7j69-qfc3-2fq9
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-7j69-qfc3-2fq9
22
reference_url https://usn.ubuntu.com/6846-1/
reference_id USN-6846-1
reference_type
scores
url https://usn.ubuntu.com/6846-1/
fixed_packages
0
url pkg:pypi/ansible@3.0.0b1
purl pkg:pypi/ansible@3.0.0b1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4yvf-k192-9fca
1
vulnerability VCID-qbdk-hxhg-wbh4
2
vulnerability VCID-ujbp-cc1r-wfe9
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@3.0.0b1
1
url pkg:pypi/ansible@3.0.0
purl pkg:pypi/ansible@3.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qbdk-hxhg-wbh4
1
vulnerability VCID-ujbp-cc1r-wfe9
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@3.0.0
aliases CVE-2023-5764, GHSA-7j69-qfc3-2fq9
risk_score 3.2
exploitability 0.5
weighted_severity 6.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-682j-e2pu-1uee
2
url VCID-axc3-wcsk-q3eg
vulnerability_id VCID-axc3-wcsk-q3eg
summary A flaw was found in Ansible, where a user's controller is vulnerable to template injection. This issue can occur through facts used in the template if the user is trying to put templates in multi-line YAML strings and the facts being handled do not routinely include special template characters. This flaw allows attackers to perform command injection, which discloses sensitive information. The highest threat from this vulnerability is to confidentiality and integrity.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3583.json
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3583.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-3583
reference_id
reference_type
scores
0
value 0.00319
scoring_system epss
scoring_elements 0.5489
published_at 2026-04-13T12:55:00Z
1
value 0.00319
scoring_system epss
scoring_elements 0.54913
published_at 2026-04-12T12:55:00Z
2
value 0.00319
scoring_system epss
scoring_elements 0.54931
published_at 2026-04-11T12:55:00Z
3
value 0.00319
scoring_system epss
scoring_elements 0.54919
published_at 2026-04-09T12:55:00Z
4
value 0.00319
scoring_system epss
scoring_elements 0.54804
published_at 2026-04-01T12:55:00Z
5
value 0.00319
scoring_system epss
scoring_elements 0.5487
published_at 2026-04-07T12:55:00Z
6
value 0.00319
scoring_system epss
scoring_elements 0.54901
published_at 2026-04-04T12:55:00Z
7
value 0.00319
scoring_system epss
scoring_elements 0.54875
published_at 2026-04-02T12:55:00Z
8
value 0.00319
scoring_system epss
scoring_elements 0.5492
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-3583
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1968412
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value 8.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1968412
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3583
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3583
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://github.com/advisories/GHSA-2pfh-q76x-gwvm
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 8.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-2pfh-q76x-gwvm
6
reference_url https://github.com/ansible/ansible
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value 8.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible
7
reference_url https://github.com/ansible/ansible/commit/03aff644cc1c00e1f7551195c68fbd0d13a39e6e
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value 8.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/03aff644cc1c00e1f7551195c68fbd0d13a39e6e
8
reference_url https://github.com/ansible/ansible/commit/8aa850e3573e48c9a2f12aef84e8a3a6f5ba4847
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value 8.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/8aa850e3573e48c9a2f12aef84e8a3a6f5ba4847
9
reference_url https://github.com/ansible/ansible/commit/8b17e5b9229ffaecfe10a4881bc3f87dd2c184e1
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value 8.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/8b17e5b9229ffaecfe10a4881bc3f87dd2c184e1
10
reference_url https://github.com/ansible/ansible/pull/74960
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value 8.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/pull/74960
11
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2021-358.yaml
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value 8.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2021-358.yaml
12
reference_url https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value 8.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html
13
reference_url https://security.archlinux.org/AVG-2260
reference_id AVG-2260
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2260
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-3583
reference_id CVE-2021-3583
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value 8.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-3583
15
reference_url https://access.redhat.com/errata/RHSA-2021:2663
reference_id RHSA-2021:2663
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2663
16
reference_url https://access.redhat.com/errata/RHSA-2021:2664
reference_id RHSA-2021:2664
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2664
17
reference_url https://usn.ubuntu.com/USN-5315-1/
reference_id USN-USN-5315-1
reference_type
scores
url https://usn.ubuntu.com/USN-5315-1/
fixed_packages
0
url pkg:pypi/ansible@2.10.11rc1
purl pkg:pypi/ansible@2.10.11rc1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.10.11rc1
1
url pkg:pypi/ansible@2.11.2rc1
purl pkg:pypi/ansible@2.11.2rc1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.11.2rc1
2
url pkg:pypi/ansible@3.0.0b1
purl pkg:pypi/ansible@3.0.0b1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4yvf-k192-9fca
1
vulnerability VCID-qbdk-hxhg-wbh4
2
vulnerability VCID-ujbp-cc1r-wfe9
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@3.0.0b1
aliases CVE-2021-3583, GHSA-2pfh-q76x-gwvm, PYSEC-2021-358
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-axc3-wcsk-q3eg
3
url VCID-c1xg-s3kx-gkft
vulnerability_id VCID-c1xg-s3kx-gkft
summary A flaw was found in Ansible Engine when a file is moved using atomic_move primitive as the file mode cannot be specified. This sets the destination files world-readable if the destination file does not exist and if the file exists, the file could be changed to have less restrictive permissions before the move. This could lead to the disclosure of sensitive data. All versions in 2.7.x, 2.8.x and 2.9.x branches are believed to be vulnerable.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1736.json
reference_id
reference_type
scores
0
value 2.2
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1736.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-1736
reference_id
reference_type
scores
0
value 0.0004
scoring_system epss
scoring_elements 0.12221
published_at 2026-04-01T12:55:00Z
1
value 0.0004
scoring_system epss
scoring_elements 0.12184
published_at 2026-04-07T12:55:00Z
2
value 0.0004
scoring_system epss
scoring_elements 0.12383
published_at 2026-04-04T12:55:00Z
3
value 0.0004
scoring_system epss
scoring_elements 0.12337
published_at 2026-04-02T12:55:00Z
4
value 0.00045
scoring_system epss
scoring_elements 0.13875
published_at 2026-04-11T12:55:00Z
5
value 0.00045
scoring_system epss
scoring_elements 0.13918
published_at 2026-04-09T12:55:00Z
6
value 0.00045
scoring_system epss
scoring_elements 0.13791
published_at 2026-04-13T12:55:00Z
7
value 0.00045
scoring_system epss
scoring_elements 0.13866
published_at 2026-04-08T12:55:00Z
8
value 0.00045
scoring_system epss
scoring_elements 0.13839
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-1736
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1736
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1736
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1736
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1736
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 2.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://github.com/advisories/GHSA-x7jh-595q-wq82
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-x7jh-595q-wq82
6
reference_url https://github.com/ansible/ansible
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible
7
reference_url https://github.com/ansible/ansible/issues/67794
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/issues/67794
8
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2020-8.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2020-8.yaml
9
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2NYYQP2XJB2TTRP6AKWVMBSPB2DFJNKD/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2NYYQP2XJB2TTRP6AKWVMBSPB2DFJNKD/
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BPNZWBAUP4ZHUR6PO7U6ZXEKNCX62KZ7/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BPNZWBAUP4ZHUR6PO7U6ZXEKNCX62KZ7/
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2NYYQP2XJB2TTRP6AKWVMBSPB2DFJNKD
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2NYYQP2XJB2TTRP6AKWVMBSPB2DFJNKD
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2NYYQP2XJB2TTRP6AKWVMBSPB2DFJNKD/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2NYYQP2XJB2TTRP6AKWVMBSPB2DFJNKD/
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BPNZWBAUP4ZHUR6PO7U6ZXEKNCX62KZ7
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BPNZWBAUP4ZHUR6PO7U6ZXEKNCX62KZ7
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BPNZWBAUP4ZHUR6PO7U6ZXEKNCX62KZ7/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BPNZWBAUP4ZHUR6PO7U6ZXEKNCX62KZ7/
15
reference_url https://security.gentoo.org/glsa/202006-11
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202006-11
16
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1802124
reference_id 1802124
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1802124
17
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=966663
reference_id 966663
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=966663
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:ansible:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible:*:*:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_tower:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:ansible_tower:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_tower:*:*:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:cloudforms_management_engine:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:cloudforms_management_engine:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:cloudforms_management_engine:5.0:*:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-1736
reference_id CVE-2020-1736
reference_type
scores
0
value 2.1
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:N/C:P/I:N/A:N
1
value 2.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N
2
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
3
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
4
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-1736
25
reference_url https://access.redhat.com/errata/RHSA-2020:3600
reference_id RHSA-2020:3600
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3600
fixed_packages
0
url pkg:pypi/ansible@2.10.1
purl pkg:pypi/ansible@2.10.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jy6-eqpn-wbce
1
vulnerability VCID-4yvf-k192-9fca
2
vulnerability VCID-682j-e2pu-1uee
3
vulnerability VCID-axc3-wcsk-q3eg
4
vulnerability VCID-e3z2-ydhb-gqfg
5
vulnerability VCID-qbdk-hxhg-wbh4
6
vulnerability VCID-ujbp-cc1r-wfe9
7
vulnerability VCID-xw8r-fn6y-mbhp
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.10.1
aliases CVE-2020-1736, GHSA-x7jh-595q-wq82, PYSEC-2020-8
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c1xg-s3kx-gkft
4
url VCID-dzdx-wae5-8ydy
vulnerability_id VCID-dzdx-wae5-8ydy
summary 
Ansible leaks password to logs
A flaw was found in Ansible in the amazon.aws collection when using the `tower_callback` parameter from the `amazon.aws.ec2_instance` module. This flaw allows an attacker to take advantage of this issue as the module is handling the parameter insecurely, leading to the password leaking in the logs.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3697.json
reference_id
reference_type
scores
0
value 5.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3697.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-3697
reference_id
reference_type
scores
0
value 0.00191
scoring_system epss
scoring_elements 0.41039
published_at 2026-04-04T12:55:00Z
1
value 0.00191
scoring_system epss
scoring_elements 0.41008
published_at 2026-04-02T12:55:00Z
2
value 0.00216
scoring_system epss
scoring_elements 0.44224
published_at 2026-04-11T12:55:00Z
3
value 0.00216
scoring_system epss
scoring_elements 0.44207
published_at 2026-04-09T12:55:00Z
4
value 0.00216
scoring_system epss
scoring_elements 0.44203
published_at 2026-04-08T12:55:00Z
5
value 0.00216
scoring_system epss
scoring_elements 0.44152
published_at 2026-04-07T12:55:00Z
6
value 0.00216
scoring_system epss
scoring_elements 0.44192
published_at 2026-04-13T12:55:00Z
7
value 0.00216
scoring_system epss
scoring_elements 0.44191
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-3697
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3697
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3697
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/ansible/ansible
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible
5
reference_url https://github.com/ansible/ansible/pull/35749
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/pull/35749
6
reference_url https://github.com/ansible-collections/amazon.aws/pull/1199
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ansible-collections/amazon.aws/pull/1199
7
reference_url https://github.com/ansible-community/ansible-build-data/blob/main/6/CHANGELOG-v6.rst
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ansible-community/ansible-build-data/blob/main/6/CHANGELOG-v6.rst
8
reference_url https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-3697
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-3697
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2137664
reference_id 2137664
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2137664
11
reference_url https://github.com/advisories/GHSA-cpx3-93w7-457x
reference_id GHSA-cpx3-93w7-457x
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-cpx3-93w7-457x
12
reference_url https://usn.ubuntu.com/6846-1/
reference_id USN-6846-1
reference_type
scores
url https://usn.ubuntu.com/6846-1/
fixed_packages
0
url pkg:pypi/ansible@2.10.0
purl pkg:pypi/ansible@2.10.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4yvf-k192-9fca
1
vulnerability VCID-682j-e2pu-1uee
2
vulnerability VCID-axc3-wcsk-q3eg
3
vulnerability VCID-c1xg-s3kx-gkft
4
vulnerability VCID-e3z2-ydhb-gqfg
5
vulnerability VCID-qbdk-hxhg-wbh4
6
vulnerability VCID-rg5d-st3d-nbah
7
vulnerability VCID-ujbp-cc1r-wfe9
8
vulnerability VCID-xw8r-fn6y-mbhp
9
vulnerability VCID-yeea-n94x-qqch
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.10.0
1
url pkg:pypi/ansible@7.0.0
purl pkg:pypi/ansible@7.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qbdk-hxhg-wbh4
1
vulnerability VCID-ujbp-cc1r-wfe9
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@7.0.0
aliases CVE-2022-3697, GHSA-cpx3-93w7-457x
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dzdx-wae5-8ydy
5
url VCID-e3z2-ydhb-gqfg
vulnerability_id VCID-e3z2-ydhb-gqfg
summary A flaw was found in the Ansible Engine 2.9.18, where sensitive info is not masked by default and is not protected by the no_log feature when using the sub-option feature of the basic.py module. This flaw allows an attacker to obtain sensitive information. The highest threat from this vulnerability is to confidentiality.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20228.json
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20228.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-20228
reference_id
reference_type
scores
0
value 0.00149
scoring_system epss
scoring_elements 0.35396
published_at 2026-04-13T12:55:00Z
1
value 0.00149
scoring_system epss
scoring_elements 0.3542
published_at 2026-04-12T12:55:00Z
2
value 0.00149
scoring_system epss
scoring_elements 0.35463
published_at 2026-04-11T12:55:00Z
3
value 0.00149
scoring_system epss
scoring_elements 0.35454
published_at 2026-04-09T12:55:00Z
4
value 0.00149
scoring_system epss
scoring_elements 0.35429
published_at 2026-04-08T12:55:00Z
5
value 0.00149
scoring_system epss
scoring_elements 0.35383
published_at 2026-04-07T12:55:00Z
6
value 0.00149
scoring_system epss
scoring_elements 0.355
published_at 2026-04-04T12:55:00Z
7
value 0.00149
scoring_system epss
scoring_elements 0.35276
published_at 2026-04-01T12:55:00Z
8
value 0.00149
scoring_system epss
scoring_elements 0.35475
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-20228
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1925002
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1925002
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10156
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10156
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10206
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10206
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14846
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14846
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14864
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14864
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14904
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14904
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10684
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10684
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10685
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10685
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10729
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10729
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14330
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14330
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14332
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14332
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14365
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14365
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1733
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1733
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1735
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1735
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1739
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1739
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1740
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1740
18
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1746
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1746
19
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1753
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1753
20
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20228
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20228
21
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
22
reference_url https://github.com/advisories/GHSA-5rrg-rr89-x9mv
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-5rrg-rr89-x9mv
23
reference_url https://github.com/ansible/ansible
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible
24
reference_url https://github.com/ansible/ansible/commit/49ebd509df9de1c1fc1bcee00e79a835dd00662c
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/49ebd509df9de1c1fc1bcee00e79a835dd00662c
25
reference_url https://github.com/ansible/ansible/commit/e41d1f0a3fd6c466192e7e24accd3d1c6501111b
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/e41d1f0a3fd6c466192e7e24accd3d1c6501111b
26
reference_url https://github.com/ansible/ansible/commit/f8ff395d817c3eddc050f809919c15dfb5796120
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/f8ff395d817c3eddc050f809919c15dfb5796120
27
reference_url https://github.com/ansible/ansible/pull/73487
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/pull/73487
28
reference_url https://github.com/ansible/ansible/pull/73492
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/pull/73492
29
reference_url https://github.com/ansible/ansible/pull/73493
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/pull/73493
30
reference_url https://github.com/ansible/ansible/pull/73494
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/pull/73494
31
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2021-1.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2021-1.yaml
32
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-20228
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-20228
33
reference_url https://www.debian.org/security/2021/dsa-4950
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2021/dsa-4950
34
reference_url https://access.redhat.com/errata/RHSA-2021:0663
reference_id RHSA-2021:0663
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0663
35
reference_url https://access.redhat.com/errata/RHSA-2021:0664
reference_id RHSA-2021:0664
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0664
36
reference_url https://access.redhat.com/errata/RHSA-2021:1079
reference_id RHSA-2021:1079
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:1079
37
reference_url https://access.redhat.com/errata/RHSA-2021:2180
reference_id RHSA-2021:2180
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2180
fixed_packages
0
url pkg:pypi/ansible@2.10.6rc1
purl pkg:pypi/ansible@2.10.6rc1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.10.6rc1
1
url pkg:pypi/ansible@2.10.6
purl pkg:pypi/ansible@2.10.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4yvf-k192-9fca
1
vulnerability VCID-682j-e2pu-1uee
2
vulnerability VCID-axc3-wcsk-q3eg
3
vulnerability VCID-qbdk-hxhg-wbh4
4
vulnerability VCID-ujbp-cc1r-wfe9
5
vulnerability VCID-xw8r-fn6y-mbhp
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.10.6
aliases CVE-2021-20228, GHSA-5rrg-rr89-x9mv, PYSEC-2021-1
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e3z2-ydhb-gqfg
6
url VCID-qbdk-hxhg-wbh4
vulnerability_id VCID-qbdk-hxhg-wbh4
summary 
Ansible Community General Collection is vulnerable to exposure of sensitive information
A flaw was found in ansible-collection-community-general. This vulnerability allows for information exposure (IE) of sensitive credentials, specifically plaintext passwords, via verbose output when running Ansible with debug modes. Attackers with access to logs could retrieve these secrets and potentially compromise Keycloak accounts or administrative access.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14010.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14010.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-14010
reference_id
reference_type
scores
0
value 0.00015
scoring_system epss
scoring_elements 0.03045
published_at 2026-04-04T12:55:00Z
1
value 0.00015
scoring_system epss
scoring_elements 0.03031
published_at 2026-04-02T12:55:00Z
2
value 0.00018
scoring_system epss
scoring_elements 0.0471
published_at 2026-04-11T12:55:00Z
3
value 0.00018
scoring_system epss
scoring_elements 0.04677
published_at 2026-04-13T12:55:00Z
4
value 0.00018
scoring_system epss
scoring_elements 0.04694
published_at 2026-04-12T12:55:00Z
5
value 0.00018
scoring_system epss
scoring_elements 0.04671
published_at 2026-04-07T12:55:00Z
6
value 0.00018
scoring_system epss
scoring_elements 0.04705
published_at 2026-04-08T12:55:00Z
7
value 0.00018
scoring_system epss
scoring_elements 0.04717
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-14010
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2418774
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-05T17:22:53Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2418774
3
reference_url https://github.com/ansible-collections/community.general
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible-collections/community.general
4
reference_url https://github.com/ansible-collections/community.general/commit/08e56bbb9b57740a879d3057d84cdb02a162b840
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible-collections/community.general/commit/08e56bbb9b57740a879d3057d84cdb02a162b840
5
reference_url https://github.com/ansible-collections/community.general/commit/54af64ad363efe280b34102d2637fe272c1f7320
reference_id
reference_type
scores
url https://github.com/ansible-collections/community.general/commit/54af64ad363efe280b34102d2637fe272c1f7320
6
reference_url https://github.com/ansible-collections/community.general/issues/11000
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible-collections/community.general/issues/11000
7
reference_url https://github.com/ansible-collections/community.general/pull/11005
reference_id
reference_type
scores
url https://github.com/ansible-collections/community.general/pull/11005
8
reference_url https://github.com/ansible-community/ansible-build-data/blob/12.2.0/12/CHANGELOG-v12.md#security-fixes
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible-community/ansible-build-data/blob/12.2.0/12/CHANGELOG-v12.md#security-fixes
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121951
reference_id 1121951
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121951
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:5
reference_id cpe:/a:redhat:ceph_storage:5
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:5
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:6
reference_id cpe:/a:redhat:ceph_storage:6
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:6
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:7
reference_id cpe:/a:redhat:ceph_storage:7
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:7
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:8
reference_id cpe:/a:redhat:ceph_storage:8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:8
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openstack:17.1
reference_id cpe:/a:redhat:openstack:17.1
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openstack:17.1
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openstack:18.0
reference_id cpe:/a:redhat:openstack:18.0
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openstack:18.0
16
reference_url https://access.redhat.com/security/cve/CVE-2025-14010
reference_id CVE-2025-14010
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-05T17:22:53Z/
url https://access.redhat.com/security/cve/CVE-2025-14010
17
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-14010
reference_id CVE-2025-14010
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-14010
18
reference_url https://github.com/advisories/GHSA-8ggh-xwr9-3373
reference_id GHSA-8ggh-xwr9-3373
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-8ggh-xwr9-3373
fixed_packages
0
url pkg:pypi/ansible@12.0.0
purl pkg:pypi/ansible@12.0.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@12.0.0
1
url pkg:pypi/ansible@12.2.0
purl pkg:pypi/ansible@12.2.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@12.2.0
aliases CVE-2025-14010, GHSA-8ggh-xwr9-3373
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qbdk-hxhg-wbh4
7
url VCID-rdwq-93d6-c7b4
vulnerability_id VCID-rdwq-93d6-c7b4
summary An incomplete fix was found for the fix of the flaw CVE-2020-1733 ansible: insecure temporary directory when running become_user from become directive. The provided fix is insufficient to prevent the race condition on systems using ACLs and FUSE filesystems. Ansible Engine 2.7.18, 2.8.12, and 2.9.9 as well as previous versions are affected and Ansible Tower 3.4.5, 3.5.6 and 3.6.4 as well as previous versions are affected.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10744.json
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10744.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-10744
reference_id
reference_type
scores
0
value 0.00038
scoring_system epss
scoring_elements 0.11545
published_at 2026-04-13T12:55:00Z
1
value 0.00038
scoring_system epss
scoring_elements 0.1157
published_at 2026-04-12T12:55:00Z
2
value 0.00038
scoring_system epss
scoring_elements 0.11597
published_at 2026-04-09T12:55:00Z
3
value 0.00038
scoring_system epss
scoring_elements 0.11537
published_at 2026-04-08T12:55:00Z
4
value 0.00038
scoring_system epss
scoring_elements 0.11452
published_at 2026-04-07T12:55:00Z
5
value 0.00038
scoring_system epss
scoring_elements 0.11664
published_at 2026-04-04T12:55:00Z
6
value 0.00038
scoring_system epss
scoring_elements 0.11607
published_at 2026-04-11T12:55:00Z
7
value 0.00038
scoring_system epss
scoring_elements 0.1148
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-10744
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10744
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L
1
value 2.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L
2
value LOW
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10744
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10744
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10744
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://github.com/advisories/GHSA-vp9j-rghq-8jhh
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L
1
value LOW
scoring_system cvssv3.1_qr
scoring_elements
2
value 2.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L
3
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-vp9j-rghq-8jhh
6
reference_url https://github.com/ansible/ansible
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L
1
value 2.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible
7
reference_url https://github.com/ansible/ansible/commit/77d0effcc5b2da1ef23e4ba32986a9759c27c10d
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L
1
value 2.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/77d0effcc5b2da1ef23e4ba32986a9759c27c10d
8
reference_url https://github.com/ansible/ansible/commit/84afa8e90cd168ff13208c8eae3e533ce7e21e1f
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L
1
value 2.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/84afa8e90cd168ff13208c8eae3e533ce7e21e1f
9
reference_url https://github.com/ansible/ansible/commit/ffd3757fc35468a97791e452e7f2d14c3e3fcb80
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L
1
value 2.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/ffd3757fc35468a97791e452e7f2d14c3e3fcb80
10
reference_url https://github.com/ansible/ansible/issues/69782
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L
1
value 2.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/issues/69782
11
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2020-208.yaml
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L
1
value 2.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2020-208.yaml
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1835566
reference_id 1835566
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1835566
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=966660
reference_id 966660
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=966660
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-10744
reference_id CVE-2020-10744
reference_type
scores
0
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L
1
value 2.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L
2
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-10744
15
reference_url https://usn.ubuntu.com/USN-5315-1/
reference_id USN-USN-5315-1
reference_type
scores
url https://usn.ubuntu.com/USN-5315-1/
fixed_packages
0
url pkg:pypi/ansible@2.10.0rc1
purl pkg:pypi/ansible@2.10.0rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4yvf-k192-9fca
1
vulnerability VCID-682j-e2pu-1uee
2
vulnerability VCID-axc3-wcsk-q3eg
3
vulnerability VCID-c1xg-s3kx-gkft
4
vulnerability VCID-dzdx-wae5-8ydy
5
vulnerability VCID-e3z2-ydhb-gqfg
6
vulnerability VCID-qbdk-hxhg-wbh4
7
vulnerability VCID-rg5d-st3d-nbah
8
vulnerability VCID-ujbp-cc1r-wfe9
9
vulnerability VCID-v3h9-1t69-v7a3
10
vulnerability VCID-xw8r-fn6y-mbhp
11
vulnerability VCID-yeea-n94x-qqch
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.10.0rc1
aliases CVE-2020-10744, GHSA-vp9j-rghq-8jhh, PYSEC-2020-208
risk_score 2.2
exploitability 0.5
weighted_severity 4.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rdwq-93d6-c7b4
8
url VCID-rg5d-st3d-nbah
vulnerability_id VCID-rg5d-st3d-nbah
summary A flaw was found in Ansible Base when using the aws_ssm connection plugin as garbage collector is not happening after playbook run is completed. Files would remain in the bucket exposing the data. This issue affects directly data confidentiality.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25635.json
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25635.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-25635
reference_id
reference_type
scores
0
value 0.00087
scoring_system epss
scoring_elements 0.25003
published_at 2026-04-13T12:55:00Z
1
value 0.00087
scoring_system epss
scoring_elements 0.25057
published_at 2026-04-12T12:55:00Z
2
value 0.00087
scoring_system epss
scoring_elements 0.25098
published_at 2026-04-11T12:55:00Z
3
value 0.00087
scoring_system epss
scoring_elements 0.25083
published_at 2026-04-09T12:55:00Z
4
value 0.00087
scoring_system epss
scoring_elements 0.25039
published_at 2026-04-08T12:55:00Z
5
value 0.00087
scoring_system epss
scoring_elements 0.25199
published_at 2026-04-04T12:55:00Z
6
value 0.00087
scoring_system epss
scoring_elements 0.2497
published_at 2026-04-07T12:55:00Z
7
value 0.00087
scoring_system epss
scoring_elements 0.25158
published_at 2026-04-02T12:55:00Z
8
value 0.00087
scoring_system epss
scoring_elements 0.25073
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-25635
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-25635
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-25635
3
reference_url https://github.com/ansible/ansible
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible
4
reference_url https://github.com/ansible-collections/community.aws/issues/222
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible-collections/community.aws/issues/222
5
reference_url https://github.com/ansible-collections/community.aws/pull/237#issuecomment-1468591094
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible-collections/community.aws/pull/237#issuecomment-1468591094
6
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2020-220.yaml
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2020-220.yaml
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1880275
reference_id 1880275
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1880275
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-25635
reference_id CVE-2020-25635
reference_type
scores
0
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-25635
9
reference_url https://github.com/advisories/GHSA-f556-49jc-4rvc
reference_id GHSA-f556-49jc-4rvc
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-f556-49jc-4rvc
fixed_packages
0
url pkg:pypi/ansible@2.10.1
purl pkg:pypi/ansible@2.10.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jy6-eqpn-wbce
1
vulnerability VCID-4yvf-k192-9fca
2
vulnerability VCID-682j-e2pu-1uee
3
vulnerability VCID-axc3-wcsk-q3eg
4
vulnerability VCID-e3z2-ydhb-gqfg
5
vulnerability VCID-qbdk-hxhg-wbh4
6
vulnerability VCID-ujbp-cc1r-wfe9
7
vulnerability VCID-xw8r-fn6y-mbhp
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.10.1
aliases CVE-2020-25635, GHSA-f556-49jc-4rvc, PYSEC-2020-220
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rg5d-st3d-nbah
9
url VCID-ujbp-cc1r-wfe9
vulnerability_id VCID-ujbp-cc1r-wfe9
summary 
Ansible symlink attack vulnerability
An absolute path traversal attack exists in the Ansible automation platform. This flaw allows an attacker to craft a malicious Ansible role and make the victim execute the role. A symlink can be used to overwrite a file outside of the extraction path.
references
0
reference_url https://access.redhat.com/errata/RHSA-2023:5701
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2023:5701
1
reference_url https://access.redhat.com/errata/RHSA-2023:5758
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2023:5758
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5115.json
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5115.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-5115
reference_id
reference_type
scores
0
value 0.00716
scoring_system epss
scoring_elements 0.72353
published_at 2026-04-04T12:55:00Z
1
value 0.00716
scoring_system epss
scoring_elements 0.72376
published_at 2026-04-13T12:55:00Z
2
value 0.00716
scoring_system epss
scoring_elements 0.72388
published_at 2026-04-12T12:55:00Z
3
value 0.00716
scoring_system epss
scoring_elements 0.72404
published_at 2026-04-11T12:55:00Z
4
value 0.00716
scoring_system epss
scoring_elements 0.72381
published_at 2026-04-09T12:55:00Z
5
value 0.00716
scoring_system epss
scoring_elements 0.7233
published_at 2026-04-07T12:55:00Z
6
value 0.00716
scoring_system epss
scoring_elements 0.72335
published_at 2026-04-02T12:55:00Z
7
value 0.00716
scoring_system epss
scoring_elements 0.72369
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-5115
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2233810
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=2233810
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5115
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5115
6
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
7
reference_url https://github.com/ansible/ansible
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible
8
reference_url https://github.com/ansible/ansible/commit/1e930684bc0a76ec3d094cd326738ad26416541c
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/1e930684bc0a76ec3d094cd326738ad26416541c
9
reference_url https://github.com/ansible-community/ansible-build-data/blob/16d36538b96c65d9e0e28d89781361b69857ac0e/8/CHANGELOG-v8.rst#L221
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible-community/ansible-build-data/blob/16d36538b96c65d9e0e28d89781361b69857ac0e/8/CHANGELOG-v8.rst#L221
10
reference_url https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html
11
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053693
reference_id 1053693
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053693
12
reference_url https://access.redhat.com/security/cve/CVE-2023-5115
reference_id CVE-2023-5115
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2023-5115
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-5115
reference_id CVE-2023-5115
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-5115
14
reference_url https://github.com/advisories/GHSA-jpvw-p8pr-9g2x
reference_id GHSA-jpvw-p8pr-9g2x
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-jpvw-p8pr-9g2x
fixed_packages
0
url pkg:pypi/ansible@8.5.0
purl pkg:pypi/ansible@8.5.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qbdk-hxhg-wbh4
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@8.5.0
aliases CVE-2023-5115, GHSA-jpvw-p8pr-9g2x
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ujbp-cc1r-wfe9
10
url VCID-v3h9-1t69-v7a3
vulnerability_id VCID-v3h9-1t69-v7a3
summary An Improper Output Neutralization for Logs flaw was found in Ansible when using the uri module, where sensitive data is exposed to content and json output. This flaw allows an attacker to access the logs or outputs of performed tasks to read keys used in playbooks from other users within the uri module. The highest threat from this vulnerability is to data confidentiality.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14330.json
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14330.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-14330
reference_id
reference_type
scores
0
value 0.00133
scoring_system epss
scoring_elements 0.32894
published_at 2026-04-13T12:55:00Z
1
value 0.00133
scoring_system epss
scoring_elements 0.32919
published_at 2026-04-12T12:55:00Z
2
value 0.00133
scoring_system epss
scoring_elements 0.32957
published_at 2026-04-11T12:55:00Z
3
value 0.00133
scoring_system epss
scoring_elements 0.32955
published_at 2026-04-09T12:55:00Z
4
value 0.00133
scoring_system epss
scoring_elements 0.32878
published_at 2026-04-07T12:55:00Z
5
value 0.00133
scoring_system epss
scoring_elements 0.33048
published_at 2026-04-04T12:55:00Z
6
value 0.00133
scoring_system epss
scoring_elements 0.33015
published_at 2026-04-02T12:55:00Z
7
value 0.00133
scoring_system epss
scoring_elements 0.32884
published_at 2026-04-01T12:55:00Z
8
value 0.00133
scoring_system epss
scoring_elements 0.32925
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-14330
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14330
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14330
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10156
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10156
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10206
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10206
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14846
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14846
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14864
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14864
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14904
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14904
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10684
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10684
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10685
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10685
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10729
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10729
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14330
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14330
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14332
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14332
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14365
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14365
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1733
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1733
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1735
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1735
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1739
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1739
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1740
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1740
18
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1746
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1746
19
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1753
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1753
20
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20228
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20228
21
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
22
reference_url https://github.com/advisories/GHSA-785x-qw4v-6872
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-785x-qw4v-6872
23
reference_url https://github.com/ansible/ansible
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible
24
reference_url https://github.com/ansible/ansible/commit/e0f25a2b1f9e6c21f751ba0ed2dc2eee2152983e
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/e0f25a2b1f9e6c21f751ba0ed2dc2eee2152983e
25
reference_url https://github.com/ansible/ansible/issues/68400
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/issues/68400
26
reference_url https://github.com/ansible/ansible/pull/69653
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/pull/69653
27
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2020-3.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2020-3.yaml
28
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-14330
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-14330
29
reference_url https://www.debian.org/security/2021/dsa-4950
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2021/dsa-4950
30
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1856815
reference_id 1856815
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1856815
31
reference_url https://access.redhat.com/errata/RHSA-2020:3600
reference_id RHSA-2020:3600
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3600
fixed_packages
0
url pkg:pypi/ansible@2.10.0
purl pkg:pypi/ansible@2.10.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4yvf-k192-9fca
1
vulnerability VCID-682j-e2pu-1uee
2
vulnerability VCID-axc3-wcsk-q3eg
3
vulnerability VCID-c1xg-s3kx-gkft
4
vulnerability VCID-e3z2-ydhb-gqfg
5
vulnerability VCID-qbdk-hxhg-wbh4
6
vulnerability VCID-rg5d-st3d-nbah
7
vulnerability VCID-ujbp-cc1r-wfe9
8
vulnerability VCID-xw8r-fn6y-mbhp
9
vulnerability VCID-yeea-n94x-qqch
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.10.0
aliases CVE-2020-14330, GHSA-785x-qw4v-6872, PYSEC-2020-3
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v3h9-1t69-v7a3
11
url VCID-whyk-3ynn-zyf4
vulnerability_id VCID-whyk-3ynn-zyf4
summary A flaw was found in the pipe lookup plugin of ansible. Arbitrary commands can be run, when the pipe lookup plugin uses subprocess.Popen() with shell=True, by overwriting ansible facts and the variable is not escaped by quote plugin. An attacker could take advantage and run arbitrary commands by overwriting the ansible facts.
references
0
reference_url https://access.redhat.com/errata/RHBA-2020:0547
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L
1
value 8.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:L/SC:H/SI:H/SA:L
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHBA-2020:0547
1
reference_url https://access.redhat.com/errata/RHBA-2020:1539
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L
1
value 8.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:L/SC:H/SI:H/SA:L
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHBA-2020:1539
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1734.json
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1734.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-1734
reference_id
reference_type
scores
0
value 0.00131
scoring_system epss
scoring_elements 0.32653
published_at 2026-04-12T12:55:00Z
1
value 0.00131
scoring_system epss
scoring_elements 0.32691
published_at 2026-04-11T12:55:00Z
2
value 0.00131
scoring_system epss
scoring_elements 0.3269
published_at 2026-04-09T12:55:00Z
3
value 0.00131
scoring_system epss
scoring_elements 0.32664
published_at 2026-04-08T12:55:00Z
4
value 0.00131
scoring_system epss
scoring_elements 0.32616
published_at 2026-04-07T12:55:00Z
5
value 0.00131
scoring_system epss
scoring_elements 0.32795
published_at 2026-04-04T12:55:00Z
6
value 0.00131
scoring_system epss
scoring_elements 0.32759
published_at 2026-04-02T12:55:00Z
7
value 0.00131
scoring_system epss
scoring_elements 0.32624
published_at 2026-04-01T12:55:00Z
8
value 0.00131
scoring_system epss
scoring_elements 0.32626
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-1734
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1801804
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L
1
value 8.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:L/SC:H/SI:H/SA:L
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1801804
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1734
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L
1
value 8.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:L/SC:H/SI:H/SA:L
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1734
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1734
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1734
7
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
8
reference_url https://github.com/advisories/GHSA-h39q-95q5-9jfp
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 8.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:L/SC:H/SI:H/SA:L
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-h39q-95q5-9jfp
9
reference_url https://github.com/ansible/ansible
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L
1
value 8.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:L/SC:H/SI:H/SA:L
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible
10
reference_url https://github.com/ansible/ansible/commit/4f978af4ca16ad9828ffe42203b9615425195f8b
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L
1
value 8.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:L/SC:H/SI:H/SA:L
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/4f978af4ca16ad9828ffe42203b9615425195f8b
11
reference_url https://github.com/ansible/ansible/commit/963bdd9983b91a48fb6949fb2ef41071e72d0be0
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L
1
value 8.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:L/SC:H/SI:H/SA:L
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/963bdd9983b91a48fb6949fb2ef41071e72d0be0
12
reference_url https://github.com/ansible/ansible/commit/bff0724e9eab2770f874e018298f9ab74cc2a78f
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L
1
value 8.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:L/SC:H/SI:H/SA:L
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/bff0724e9eab2770f874e018298f9ab74cc2a78f
13
reference_url https://github.com/ansible/ansible/commit/e5649ca3e807f17e7c034ee22791f107162973b0
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L
1
value 8.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:L/SC:H/SI:H/SA:L
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/e5649ca3e807f17e7c034ee22791f107162973b0
14
reference_url https://github.com/ansible/ansible/issues/67792
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L
1
value 8.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:L/SC:H/SI:H/SA:L
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/issues/67792
15
reference_url https://github.com/ansible/ansible/issues/70159
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L
1
value 8.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:L/SC:H/SI:H/SA:L
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/issues/70159
16
reference_url https://github.com/ansible/ansible/pull/70596
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L
1
value 8.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:L/SC:H/SI:H/SA:L
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/pull/70596
17
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2020-6.yaml
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L
1
value 8.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:L/SC:H/SI:H/SA:L
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2020-6.yaml
18
reference_url https://access.redhat.com/security/cve/CVE-2020-1734
reference_id CVE-2020-1734
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L
1
value 8.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:L/SC:H/SI:H/SA:L
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2020-1734
19
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-1734
reference_id CVE-2020-1734
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L
1
value 8.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:L/SC:H/SI:H/SA:L
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-1734
fixed_packages
0
url pkg:pypi/ansible@2.10.0rc1
purl pkg:pypi/ansible@2.10.0rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4yvf-k192-9fca
1
vulnerability VCID-682j-e2pu-1uee
2
vulnerability VCID-axc3-wcsk-q3eg
3
vulnerability VCID-c1xg-s3kx-gkft
4
vulnerability VCID-dzdx-wae5-8ydy
5
vulnerability VCID-e3z2-ydhb-gqfg
6
vulnerability VCID-qbdk-hxhg-wbh4
7
vulnerability VCID-rg5d-st3d-nbah
8
vulnerability VCID-ujbp-cc1r-wfe9
9
vulnerability VCID-v3h9-1t69-v7a3
10
vulnerability VCID-xw8r-fn6y-mbhp
11
vulnerability VCID-yeea-n94x-qqch
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.10.0rc1
aliases CVE-2020-1734, GHSA-h39q-95q5-9jfp, PYSEC-2020-6
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-whyk-3ynn-zyf4
12
url VCID-xw8r-fn6y-mbhp
vulnerability_id VCID-xw8r-fn6y-mbhp
summary A flaw was found in ansible. Credentials, such as secrets, are being disclosed in console log by default and not protected by no_log feature when using those modules. An attacker can take advantage of this information to steal those credentials. The highest threat from this vulnerability is to data confidentiality. Versions before ansible 2.9.18 are affected.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20191.json
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20191.json
1
reference_url https://access.redhat.com/security/cve/cve-2021-20191
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/cve-2021-20191
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-20191
reference_id
reference_type
scores
0
value 0.00037
scoring_system epss
scoring_elements 0.11217
published_at 2026-04-13T12:55:00Z
1
value 0.00037
scoring_system epss
scoring_elements 0.11266
published_at 2026-04-09T12:55:00Z
2
value 0.00037
scoring_system epss
scoring_elements 0.1121
published_at 2026-04-08T12:55:00Z
3
value 0.00037
scoring_system epss
scoring_elements 0.11131
published_at 2026-04-07T12:55:00Z
4
value 0.00037
scoring_system epss
scoring_elements 0.11315
published_at 2026-04-04T12:55:00Z
5
value 0.00037
scoring_system epss
scoring_elements 0.11255
published_at 2026-04-02T12:55:00Z
6
value 0.00037
scoring_system epss
scoring_elements 0.11108
published_at 2026-04-01T12:55:00Z
7
value 0.00037
scoring_system epss
scoring_elements 0.11243
published_at 2026-04-12T12:55:00Z
8
value 0.00037
scoring_system epss
scoring_elements 0.11277
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-20191
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1916813
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1916813
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20191
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20191
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://github.com/advisories/GHSA-8f4m-hccc-8qph
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-8f4m-hccc-8qph
7
reference_url https://github.com/ansible/ansible
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible
8
reference_url https://github.com/ansible/ansible/commit/cc82d986c40328d4ae81298a9d287c95a6326bb0
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/cc82d986c40328d4ae81298a9d287c95a6326bb0
9
reference_url https://github.com/ansible/ansible/commit/d74a1b1d1325af2a24848044cf2858987f5a3ecc
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/d74a1b1d1325af2a24848044cf2858987f5a3ecc
10
reference_url https://github.com/ansible/ansible/pull/73488
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/pull/73488
11
reference_url https://github.com/ansible/ansible/pull/73489
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/pull/73489
12
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2021-124.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2021-124.yaml
13
reference_url https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-20191
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-20191
15
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985753
reference_id 985753
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985753
16
reference_url https://security.archlinux.org/ASA-202102-9
reference_id ASA-202102-9
reference_type
scores
url https://security.archlinux.org/ASA-202102-9
17
reference_url https://security.archlinux.org/AVG-1437
reference_id AVG-1437
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1437
18
reference_url https://access.redhat.com/errata/RHSA-2021:0663
reference_id RHSA-2021:0663
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0663
19
reference_url https://access.redhat.com/errata/RHSA-2021:0664
reference_id RHSA-2021:0664
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0664
20
reference_url https://access.redhat.com/errata/RHSA-2021:1079
reference_id RHSA-2021:1079
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:1079
21
reference_url https://access.redhat.com/errata/RHSA-2021:2180
reference_id RHSA-2021:2180
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2180
fixed_packages
0
url pkg:pypi/ansible@2.10.7
purl pkg:pypi/ansible@2.10.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4yvf-k192-9fca
1
vulnerability VCID-682j-e2pu-1uee
2
vulnerability VCID-axc3-wcsk-q3eg
3
vulnerability VCID-qbdk-hxhg-wbh4
4
vulnerability VCID-ujbp-cc1r-wfe9
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.10.7
aliases CVE-2021-20191, GHSA-8f4m-hccc-8qph, PYSEC-2021-124
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xw8r-fn6y-mbhp
13
url VCID-yeea-n94x-qqch
vulnerability_id VCID-yeea-n94x-qqch
summary A flaw was found in the Ansible Engine when using module_args. Tasks executed with check mode (--check-mode) do not properly neutralize sensitive data exposed in the event data. This flaw allows unauthorized users to read this data. The highest threat from this vulnerability is to confidentiality.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14332.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14332.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-14332
reference_id
reference_type
scores
0
value 0.00149
scoring_system epss
scoring_elements 0.35362
published_at 2026-04-13T12:55:00Z
1
value 0.00149
scoring_system epss
scoring_elements 0.35384
published_at 2026-04-12T12:55:00Z
2
value 0.00149
scoring_system epss
scoring_elements 0.3542
published_at 2026-04-11T12:55:00Z
3
value 0.00149
scoring_system epss
scoring_elements 0.35419
published_at 2026-04-09T12:55:00Z
4
value 0.00149
scoring_system epss
scoring_elements 0.35394
published_at 2026-04-08T12:55:00Z
5
value 0.00149
scoring_system epss
scoring_elements 0.35348
published_at 2026-04-07T12:55:00Z
6
value 0.00149
scoring_system epss
scoring_elements 0.35465
published_at 2026-04-04T12:55:00Z
7
value 0.00149
scoring_system epss
scoring_elements 0.3544
published_at 2026-04-02T12:55:00Z
8
value 0.00149
scoring_system epss
scoring_elements 0.35239
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-14332
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14332
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14332
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10156
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10156
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10206
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10206
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14846
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14846
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14864
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14864
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14904
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14904
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10684
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10684
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10685
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10685
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10729
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10729
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14330
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14330
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14332
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14332
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14365
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14365
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1733
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1733
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1735
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1735
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1739
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1739
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1740
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1740
18
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1746
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1746
19
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1753
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1753
20
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20228
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20228
21
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
22
reference_url https://github.com/advisories/GHSA-j667-c2hm-f2wp
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-j667-c2hm-f2wp
23
reference_url https://github.com/ansible/ansible
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible
24
reference_url https://github.com/ansible/ansible/blob/stable-2.10/changelogs/CHANGELOG-v2.10.rst#security-fixes-3
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/blob/stable-2.10/changelogs/CHANGELOG-v2.10.rst#security-fixes-3
25
reference_url https://github.com/ansible/ansible/blob/stable-2.8/changelogs/CHANGELOG-v2.8.rst#security-fixes-4
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/blob/stable-2.8/changelogs/CHANGELOG-v2.8.rst#security-fixes-4
26
reference_url https://github.com/ansible/ansible/blob/stable-2.9/changelogs/CHANGELOG-v2.9.rst#security-fixes-6
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/blob/stable-2.9/changelogs/CHANGELOG-v2.9.rst#security-fixes-6
27
reference_url https://github.com/ansible/ansible/commit/291f94934c8c49eef85e6539087f2dfcd001fe4f
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/291f94934c8c49eef85e6539087f2dfcd001fe4f
28
reference_url https://github.com/ansible/ansible/commit/6cae9a4b168df776bf82deb04b2c62e00c38b49a
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/6cae9a4b168df776bf82deb04b2c62e00c38b49a
29
reference_url https://github.com/ansible/ansible/commit/714cd2ad2eff7f003d728414afcb91591fad5d9a
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/714cd2ad2eff7f003d728414afcb91591fad5d9a
30
reference_url https://github.com/ansible/ansible/pull/71033
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/pull/71033
31
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2020-4.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2020-4.yaml
32
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-14332
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-14332
33
reference_url https://www.debian.org/security/2021/dsa-4950
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2021/dsa-4950
34
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1857805
reference_id 1857805
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1857805
35
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=966672
reference_id 966672
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=966672
36
reference_url https://access.redhat.com/errata/RHSA-2020:3600
reference_id RHSA-2020:3600
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3600
fixed_packages
0
url pkg:pypi/ansible@2.10.1rc2
purl pkg:pypi/ansible@2.10.1rc2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.10.1rc2
1
url pkg:pypi/ansible@2.10.1
purl pkg:pypi/ansible@2.10.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jy6-eqpn-wbce
1
vulnerability VCID-4yvf-k192-9fca
2
vulnerability VCID-682j-e2pu-1uee
3
vulnerability VCID-axc3-wcsk-q3eg
4
vulnerability VCID-e3z2-ydhb-gqfg
5
vulnerability VCID-qbdk-hxhg-wbh4
6
vulnerability VCID-ujbp-cc1r-wfe9
7
vulnerability VCID-xw8r-fn6y-mbhp
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.10.1
aliases CVE-2020-14332, GHSA-j667-c2hm-f2wp, PYSEC-2020-4
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yeea-n94x-qqch
Fixing_vulnerabilities
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.10.0a4