Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:pypi/ansible@2.9.18rc1
Typepypi
Namespace
Nameansible
Version2.9.18rc1
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version2.10.1rc2
Latest_non_vulnerable_version12.2.0
Affected_by_vulnerabilities
0
url VCID-8u2v-jtqe-dqg3
vulnerability_id VCID-8u2v-jtqe-dqg3
summary A flaw was found in the Ansible Engine 2.9.18, where sensitive info is not masked by default and is not protected by the no_log feature when using the sub-option feature of the basic.py module. This flaw allows an attacker to obtain sensitive information. The highest threat from this vulnerability is to confidentiality.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20228.json
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20228.json
1
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1925002
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1925002
2
reference_url https://github.com/advisories/GHSA-5rrg-rr89-x9mv
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-5rrg-rr89-x9mv
3
reference_url https://github.com/ansible/ansible
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible
4
reference_url https://github.com/ansible/ansible/commit/49ebd509df9de1c1fc1bcee00e79a835dd00662c
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/49ebd509df9de1c1fc1bcee00e79a835dd00662c
5
reference_url https://github.com/ansible/ansible/commit/e41d1f0a3fd6c466192e7e24accd3d1c6501111b
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/e41d1f0a3fd6c466192e7e24accd3d1c6501111b
6
reference_url https://github.com/ansible/ansible/commit/f8ff395d817c3eddc050f809919c15dfb5796120
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/f8ff395d817c3eddc050f809919c15dfb5796120
7
reference_url https://github.com/ansible/ansible/pull/73487
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/pull/73487
8
reference_url https://github.com/ansible/ansible/pull/73492
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/pull/73492
9
reference_url https://github.com/ansible/ansible/pull/73493
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/pull/73493
10
reference_url https://github.com/ansible/ansible/pull/73494
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/pull/73494
11
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2021-1.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2021-1.yaml
12
reference_url https://www.debian.org/security/2021/dsa-4950
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2021/dsa-4950
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-20228
reference_id CVE-2021-20228
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-20228
14
reference_url https://access.redhat.com/errata/RHSA-2021:0663
reference_id RHSA-2021:0663
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0663
15
reference_url https://access.redhat.com/errata/RHSA-2021:0664
reference_id RHSA-2021:0664
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0664
16
reference_url https://access.redhat.com/errata/RHSA-2021:1079
reference_id RHSA-2021:1079
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:1079
17
reference_url https://access.redhat.com/errata/RHSA-2021:2180
reference_id RHSA-2021:2180
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2180
fixed_packages
0
url pkg:pypi/ansible@2.9.19
purl pkg:pypi/ansible@2.9.19
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-am9g-ba4h-sfhr
1
vulnerability VCID-dkds-s3ad-cufa
2
vulnerability VCID-gm99-68bj-c3cz
3
vulnerability VCID-hjc4-jcfm-7be5
4
vulnerability VCID-vhxq-1hqq-77bx
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.19
1
url pkg:pypi/ansible@2.10.6rc1
purl pkg:pypi/ansible@2.10.6rc1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.10.6rc1
aliases CVE-2021-20228, GHSA-5rrg-rr89-x9mv, PYSEC-2021-1
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8u2v-jtqe-dqg3
1
url VCID-am9g-ba4h-sfhr
vulnerability_id VCID-am9g-ba4h-sfhr
summary A flaw was found in Ansible Base when using the aws_ssm connection plugin as garbage collector is not happening after playbook run is completed. Files would remain in the bucket exposing the data. This issue affects directly data confidentiality.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25635.json
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25635.json
1
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-25635
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-25635
2
reference_url https://github.com/ansible/ansible
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible
3
reference_url https://github.com/ansible-collections/community.aws/issues/222
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible-collections/community.aws/issues/222
4
reference_url https://github.com/ansible-collections/community.aws/pull/237#issuecomment-1468591094
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible-collections/community.aws/pull/237#issuecomment-1468591094
5
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2020-220.yaml
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2020-220.yaml
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1880275
reference_id 1880275
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1880275
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-25635
reference_id CVE-2020-25635
reference_type
scores
0
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-25635
8
reference_url https://github.com/advisories/GHSA-f556-49jc-4rvc
reference_id GHSA-f556-49jc-4rvc
reference_type
scores
url https://github.com/advisories/GHSA-f556-49jc-4rvc
fixed_packages
0
url pkg:pypi/ansible@2.10.1
purl pkg:pypi/ansible@2.10.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-hjc4-jcfm-7be5
1
vulnerability VCID-p4p5-29r5-8qh9
2
vulnerability VCID-t2da-uh4n-yya2
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.10.1
aliases CVE-2020-25635, GHSA-f556-49jc-4rvc, PYSEC-2020-220
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-am9g-ba4h-sfhr
2
url VCID-dkds-s3ad-cufa
vulnerability_id VCID-dkds-s3ad-cufa
summary information disclosure
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3620.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3620.json
1
reference_url https://access.redhat.com/security/cve/CVE-2021-3620
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2021-3620
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1975767
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1975767
3
reference_url https://github.com/advisories/GHSA-4r65-35qq-ch8j
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-4r65-35qq-ch8j
4
reference_url https://github.com/ansible/ansible
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible
5
reference_url https://github.com/ansible/ansible/blob/stable-2.9/changelogs/CHANGELOG-v2.9.rst#security-fixes
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/blob/stable-2.9/changelogs/CHANGELOG-v2.9.rst#security-fixes
6
reference_url https://github.com/ansible/ansible/commit/fe28767970c8ec62aabe493c46b53a5de1e5fac0
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/fe28767970c8ec62aabe493c46b53a5de1e5fac0
7
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2022-164.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2022-164.yaml
8
reference_url https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html
9
reference_url https://security.archlinux.org/AVG-1941
reference_id AVG-1941
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1941
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-3620
reference_id CVE-2021-3620
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-3620
11
reference_url https://access.redhat.com/errata/RHSA-2021:3871
reference_id RHSA-2021:3871
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2021:3871
12
reference_url https://access.redhat.com/errata/RHSA-2021:3872
reference_id RHSA-2021:3872
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2021:3872
13
reference_url https://access.redhat.com/errata/RHSA-2021:3874
reference_id RHSA-2021:3874
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2021:3874
14
reference_url https://access.redhat.com/errata/RHSA-2021:4703
reference_id RHSA-2021:4703
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2021:4703
15
reference_url https://access.redhat.com/errata/RHSA-2021:4750
reference_id RHSA-2021:4750
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2021:4750
fixed_packages
0
url pkg:pypi/ansible@2.9.27
purl pkg:pypi/ansible@2.9.27
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-am9g-ba4h-sfhr
1
vulnerability VCID-hjc4-jcfm-7be5
2
vulnerability VCID-vhxq-1hqq-77bx
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.27
aliases CVE-2021-3620, GHSA-4r65-35qq-ch8j, PYSEC-2022-164
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dkds-s3ad-cufa
3
url VCID-gm99-68bj-c3cz
vulnerability_id VCID-gm99-68bj-c3cz
summary arbitrary command execution
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3583.json
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3583.json
1
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1968412
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value 8.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1968412
2
reference_url https://github.com/advisories/GHSA-2pfh-q76x-gwvm
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value 8.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-2pfh-q76x-gwvm
3
reference_url https://github.com/ansible/ansible
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value 8.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible
4
reference_url https://github.com/ansible/ansible/commit/03aff644cc1c00e1f7551195c68fbd0d13a39e6e
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value 8.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/03aff644cc1c00e1f7551195c68fbd0d13a39e6e
5
reference_url https://github.com/ansible/ansible/commit/8aa850e3573e48c9a2f12aef84e8a3a6f5ba4847
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value 8.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/8aa850e3573e48c9a2f12aef84e8a3a6f5ba4847
6
reference_url https://github.com/ansible/ansible/commit/8b17e5b9229ffaecfe10a4881bc3f87dd2c184e1
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value 8.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/8b17e5b9229ffaecfe10a4881bc3f87dd2c184e1
7
reference_url https://github.com/ansible/ansible/pull/74960
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value 8.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/pull/74960
8
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2021-358.yaml
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value 8.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2021-358.yaml
9
reference_url https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value 8.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html
10
reference_url https://security.archlinux.org/AVG-2260
reference_id AVG-2260
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2260
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-3583
reference_id CVE-2021-3583
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value 8.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-3583
12
reference_url https://access.redhat.com/errata/RHSA-2021:2663
reference_id RHSA-2021:2663
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2663
13
reference_url https://access.redhat.com/errata/RHSA-2021:2664
reference_id RHSA-2021:2664
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2664
fixed_packages
0
url pkg:pypi/ansible@2.9.23rc1
purl pkg:pypi/ansible@2.9.23rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-am9g-ba4h-sfhr
1
vulnerability VCID-dkds-s3ad-cufa
2
vulnerability VCID-gm99-68bj-c3cz
3
vulnerability VCID-hjc4-jcfm-7be5
4
vulnerability VCID-vhxq-1hqq-77bx
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.23rc1
1
url pkg:pypi/ansible@2.9.23
purl pkg:pypi/ansible@2.9.23
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-am9g-ba4h-sfhr
1
vulnerability VCID-dkds-s3ad-cufa
2
vulnerability VCID-hjc4-jcfm-7be5
3
vulnerability VCID-vhxq-1hqq-77bx
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.23
2
url pkg:pypi/ansible@2.10.11rc1
purl pkg:pypi/ansible@2.10.11rc1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.10.11rc1
3
url pkg:pypi/ansible@2.11.2rc1
purl pkg:pypi/ansible@2.11.2rc1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.11.2rc1
aliases CVE-2021-3583, GHSA-2pfh-q76x-gwvm, PYSEC-2021-358
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gm99-68bj-c3cz
4
url VCID-hjc4-jcfm-7be5
vulnerability_id VCID-hjc4-jcfm-7be5
summary information disclosure
references
0
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1956477
reference_id
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1956477
1
reference_url https://security.archlinux.org/AVG-2056
reference_id AVG-2056
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2056
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-3533
reference_id CVE-2021-3533
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2021-3533
fixed_packages
0
url pkg:pypi/ansible@3.0.0
purl pkg:pypi/ansible@3.0.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@3.0.0
aliases CVE-2021-3533, PYSEC-2021-126
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hjc4-jcfm-7be5
5
url VCID-p4p5-29r5-8qh9
vulnerability_id VCID-p4p5-29r5-8qh9
summary A flaw was found in ansible. Credentials, such as secrets, are being disclosed in console log by default and not protected by no_log feature when using those modules. An attacker can take advantage of this information to steal those credentials. The highest threat from this vulnerability is to data confidentiality. Versions before ansible 2.9.18 are affected.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20191.json
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20191.json
1
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1916813
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1916813
2
reference_url https://github.com/advisories/GHSA-8f4m-hccc-8qph
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-8f4m-hccc-8qph
3
reference_url https://github.com/ansible/ansible
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible
4
reference_url https://github.com/ansible/ansible/commit/cc82d986c40328d4ae81298a9d287c95a6326bb0
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/cc82d986c40328d4ae81298a9d287c95a6326bb0
5
reference_url https://github.com/ansible/ansible/commit/d74a1b1d1325af2a24848044cf2858987f5a3ecc
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/d74a1b1d1325af2a24848044cf2858987f5a3ecc
6
reference_url https://github.com/ansible/ansible/pull/73488
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/pull/73488
7
reference_url https://github.com/ansible/ansible/pull/73489
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/pull/73489
8
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2021-124.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2021-124.yaml
9
reference_url https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985753
reference_id 985753
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985753
11
reference_url https://access.redhat.com/security/cve/cve-2021-20191
reference_id CVE-2021-20191
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/cve-2021-20191
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-20191
reference_id CVE-2021-20191
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-20191
13
reference_url https://access.redhat.com/errata/RHSA-2021:0663
reference_id RHSA-2021:0663
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0663
14
reference_url https://access.redhat.com/errata/RHSA-2021:0664
reference_id RHSA-2021:0664
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0664
15
reference_url https://access.redhat.com/errata/RHSA-2021:1079
reference_id RHSA-2021:1079
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:1079
16
reference_url https://access.redhat.com/errata/RHSA-2021:2180
reference_id RHSA-2021:2180
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2180
fixed_packages
0
url pkg:pypi/ansible@2.9.18
purl pkg:pypi/ansible@2.9.18
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8u2v-jtqe-dqg3
1
vulnerability VCID-am9g-ba4h-sfhr
2
vulnerability VCID-dkds-s3ad-cufa
3
vulnerability VCID-gm99-68bj-c3cz
4
vulnerability VCID-hjc4-jcfm-7be5
5
vulnerability VCID-vhxq-1hqq-77bx
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.18
1
url pkg:pypi/ansible@2.10.7
purl pkg:pypi/ansible@2.10.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-hjc4-jcfm-7be5
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.10.7
aliases CVE-2021-20191, GHSA-8f4m-hccc-8qph, PYSEC-2021-124
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p4p5-29r5-8qh9
6
url VCID-pqj1-u787-g3aj
vulnerability_id VCID-pqj1-u787-g3aj
summary A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucket_pipeline_variable module. This flaw allows an attacker to steal bitbucket_pipeline credentials. The highest threat from this vulnerability is to confidentiality.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20178.json
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20178.json
1
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1914774
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1914774
2
reference_url https://github.com/advisories/GHSA-wv5p-gmmv-wh9v
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-wv5p-gmmv-wh9v
3
reference_url https://github.com/ansible/ansible/blob/v2.9.18/changelogs/CHANGELOG-v2.9.rst#security-fixes
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/blob/v2.9.18/changelogs/CHANGELOG-v2.9.rst#security-fixes
4
reference_url https://github.com/ansible/ansible/blob/v2.9.18/changelogs/CHANGELOG-v2.9.rst#security-fixes,
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/blob/v2.9.18/changelogs/CHANGELOG-v2.9.rst#security-fixes,
5
reference_url https://github.com/ansible/ansible/blob/v2.9.18/changelogs/CHANGELOG-v2.9.rst#security-fixes%2C
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/blob/v2.9.18/changelogs/CHANGELOG-v2.9.rst#security-fixes%2C
6
reference_url https://github.com/ansible-collections/community.general/commit/1d0c5e2ba47724c31a18d7b08b9daf13df8829dc
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ansible-collections/community.general/commit/1d0c5e2ba47724c31a18d7b08b9daf13df8829dc
7
reference_url https://github.com/ansible-collections/community.general/pull/1635
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ansible-collections/community.general/pull/1635
8
reference_url https://github.com/ansible-collections/community.general/pull/1635,
reference_id
reference_type
scores
url https://github.com/ansible-collections/community.general/pull/1635,
9
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2021-106.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2021-106.yaml
10
reference_url https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUQ2QKAQA5OW2TY3ACZZMFIAJ2EQTG37
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUQ2QKAQA5OW2TY3ACZZMFIAJ2EQTG37
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HIU7QZUV73U6ZQ65VJWSFBTCALVXLH55
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HIU7QZUV73U6ZQ65VJWSFBTCALVXLH55
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUQ2QKAQA5OW2TY3ACZZMFIAJ2EQTG37
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUQ2QKAQA5OW2TY3ACZZMFIAJ2EQTG37
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUQ2QKAQA5OW2TY3ACZZMFIAJ2EQTG37/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUQ2QKAQA5OW2TY3ACZZMFIAJ2EQTG37/
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HIU7QZUV73U6ZQ65VJWSFBTCALVXLH55
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HIU7QZUV73U6ZQ65VJWSFBTCALVXLH55
16
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HIU7QZUV73U6ZQ65VJWSFBTCALVXLH55/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HIU7QZUV73U6ZQ65VJWSFBTCALVXLH55/
17
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985753
reference_id 985753
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985753
18
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-20178
reference_id CVE-2021-20178
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-20178
19
reference_url https://access.redhat.com/errata/RHSA-2021:0663
reference_id RHSA-2021:0663
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0663
20
reference_url https://access.redhat.com/errata/RHSA-2021:0664
reference_id RHSA-2021:0664
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0664
21
reference_url https://access.redhat.com/errata/RHSA-2021:1079
reference_id RHSA-2021:1079
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:1079
22
reference_url https://access.redhat.com/errata/RHSA-2021:2180
reference_id RHSA-2021:2180
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2180
fixed_packages
0
url pkg:pypi/ansible@2.9.18
purl pkg:pypi/ansible@2.9.18
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8u2v-jtqe-dqg3
1
vulnerability VCID-am9g-ba4h-sfhr
2
vulnerability VCID-dkds-s3ad-cufa
3
vulnerability VCID-gm99-68bj-c3cz
4
vulnerability VCID-hjc4-jcfm-7be5
5
vulnerability VCID-vhxq-1hqq-77bx
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.18
aliases CVE-2021-20178, GHSA-wv5p-gmmv-wh9v, PYSEC-2021-106
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pqj1-u787-g3aj
7
url VCID-vhxq-1hqq-77bx
vulnerability_id VCID-vhxq-1hqq-77bx
summary An Improper Output Neutralization for Logs flaw was found in Ansible when using the uri module, where sensitive data is exposed to content and json output. This flaw allows an attacker to access the logs or outputs of performed tasks to read keys used in playbooks from other users within the uri module. The highest threat from this vulnerability is to data confidentiality.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14330.json
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14330.json
1
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14330
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14330
2
reference_url https://github.com/advisories/GHSA-785x-qw4v-6872
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-785x-qw4v-6872
3
reference_url https://github.com/ansible/ansible
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible
4
reference_url https://github.com/ansible/ansible/commit/e0f25a2b1f9e6c21f751ba0ed2dc2eee2152983e
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/e0f25a2b1f9e6c21f751ba0ed2dc2eee2152983e
5
reference_url https://github.com/ansible/ansible/issues/68400
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/issues/68400
6
reference_url https://github.com/ansible/ansible/pull/69653
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/pull/69653
7
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2020-3.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2020-3.yaml
8
reference_url https://www.debian.org/security/2021/dsa-4950
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2021/dsa-4950
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1856815
reference_id 1856815
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1856815
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-14330
reference_id CVE-2020-14330
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-14330
11
reference_url https://access.redhat.com/errata/RHSA-2020:3600
reference_id RHSA-2020:3600
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3600
fixed_packages
0
url pkg:pypi/ansible@2.10.0
purl pkg:pypi/ansible@2.10.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2z4k-r21v-rfgx
1
vulnerability VCID-am9g-ba4h-sfhr
2
vulnerability VCID-hjc4-jcfm-7be5
3
vulnerability VCID-p4p5-29r5-8qh9
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.10.0
aliases CVE-2020-14330, GHSA-785x-qw4v-6872, PYSEC-2020-3
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vhxq-1hqq-77bx
Fixing_vulnerabilities
0
url VCID-8u2v-jtqe-dqg3
vulnerability_id VCID-8u2v-jtqe-dqg3
summary A flaw was found in the Ansible Engine 2.9.18, where sensitive info is not masked by default and is not protected by the no_log feature when using the sub-option feature of the basic.py module. This flaw allows an attacker to obtain sensitive information. The highest threat from this vulnerability is to confidentiality.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20228.json
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20228.json
1
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1925002
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1925002
2
reference_url https://github.com/advisories/GHSA-5rrg-rr89-x9mv
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-5rrg-rr89-x9mv
3
reference_url https://github.com/ansible/ansible
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible
4
reference_url https://github.com/ansible/ansible/commit/49ebd509df9de1c1fc1bcee00e79a835dd00662c
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/49ebd509df9de1c1fc1bcee00e79a835dd00662c
5
reference_url https://github.com/ansible/ansible/commit/e41d1f0a3fd6c466192e7e24accd3d1c6501111b
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/e41d1f0a3fd6c466192e7e24accd3d1c6501111b
6
reference_url https://github.com/ansible/ansible/commit/f8ff395d817c3eddc050f809919c15dfb5796120
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/f8ff395d817c3eddc050f809919c15dfb5796120
7
reference_url https://github.com/ansible/ansible/pull/73487
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/pull/73487
8
reference_url https://github.com/ansible/ansible/pull/73492
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/pull/73492
9
reference_url https://github.com/ansible/ansible/pull/73493
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/pull/73493
10
reference_url https://github.com/ansible/ansible/pull/73494
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/pull/73494
11
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2021-1.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2021-1.yaml
12
reference_url https://www.debian.org/security/2021/dsa-4950
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2021/dsa-4950
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-20228
reference_id CVE-2021-20228
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-20228
14
reference_url https://access.redhat.com/errata/RHSA-2021:0663
reference_id RHSA-2021:0663
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0663
15
reference_url https://access.redhat.com/errata/RHSA-2021:0664
reference_id RHSA-2021:0664
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0664
16
reference_url https://access.redhat.com/errata/RHSA-2021:1079
reference_id RHSA-2021:1079
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:1079
17
reference_url https://access.redhat.com/errata/RHSA-2021:2180
reference_id RHSA-2021:2180
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2180
fixed_packages
0
url pkg:pypi/ansible@2.0.0.1
purl pkg:pypi/ansible@2.0.0.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1d8u-w26v-nqfd
1
vulnerability VCID-1sty-hqbq-63hy
2
vulnerability VCID-2z4k-r21v-rfgx
3
vulnerability VCID-7qnx-1gp2-v7bb
4
vulnerability VCID-833d-up6b-rfe1
5
vulnerability VCID-8u2v-jtqe-dqg3
6
vulnerability VCID-am9g-ba4h-sfhr
7
vulnerability VCID-cuq1-se5h-vygd
8
vulnerability VCID-cxts-25nq-4fcs
9
vulnerability VCID-dkds-s3ad-cufa
10
vulnerability VCID-g8tj-eaqr-myaa
11
vulnerability VCID-gm99-68bj-c3cz
12
vulnerability VCID-gxw4-ydnj-fkfe
13
vulnerability VCID-hd4w-ksm9-uycv
14
vulnerability VCID-hjc4-jcfm-7be5
15
vulnerability VCID-hpqa-ysnc-b7dw
16
vulnerability VCID-hq4d-92s2-vqg6
17
vulnerability VCID-j6qc-x7e6-buen
18
vulnerability VCID-k8a2-5yfh-j7gp
19
vulnerability VCID-mbj9-3bnb-wbda
20
vulnerability VCID-mj75-gu96-33ay
21
vulnerability VCID-p4p5-29r5-8qh9
22
vulnerability VCID-pqj1-u787-g3aj
23
vulnerability VCID-rgcg-pkhf-7ydk
24
vulnerability VCID-subj-aje2-93bk
25
vulnerability VCID-utrp-hfpb-tygj
26
vulnerability VCID-vhxq-1hqq-77bx
27
vulnerability VCID-vsv2-4d8c-m3g1
28
vulnerability VCID-x4mr-vrp9-ufg6
29
vulnerability VCID-ykkx-swgs-vybn
30
vulnerability VCID-yre5-mmmj-q3bn
31
vulnerability VCID-zwrg-9mrq-effd
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.0.0.1
1
url pkg:pypi/ansible@2.8.19rc1
purl pkg:pypi/ansible@2.8.19rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-833d-up6b-rfe1
1
vulnerability VCID-8u2v-jtqe-dqg3
2
vulnerability VCID-am9g-ba4h-sfhr
3
vulnerability VCID-dkds-s3ad-cufa
4
vulnerability VCID-gm99-68bj-c3cz
5
vulnerability VCID-hjc4-jcfm-7be5
6
vulnerability VCID-p4p5-29r5-8qh9
7
vulnerability VCID-pqj1-u787-g3aj
8
vulnerability VCID-vhxq-1hqq-77bx
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.19rc1
2
url pkg:pypi/ansible@2.9.1
purl pkg:pypi/ansible@2.9.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2z4k-r21v-rfgx
1
vulnerability VCID-5t77-f231-6ffg
2
vulnerability VCID-78m2-3fj5-tbh1
3
vulnerability VCID-7ben-361w-tkdr
4
vulnerability VCID-7qnx-1gp2-v7bb
5
vulnerability VCID-833d-up6b-rfe1
6
vulnerability VCID-8u2v-jtqe-dqg3
7
vulnerability VCID-am9g-ba4h-sfhr
8
vulnerability VCID-cuq1-se5h-vygd
9
vulnerability VCID-cxts-25nq-4fcs
10
vulnerability VCID-dkds-s3ad-cufa
11
vulnerability VCID-ec6s-8f24-9bh7
12
vulnerability VCID-etb4-2qch-6kgw
13
vulnerability VCID-gm99-68bj-c3cz
14
vulnerability VCID-gxw4-ydnj-fkfe
15
vulnerability VCID-hjc4-jcfm-7be5
16
vulnerability VCID-hq4d-92s2-vqg6
17
vulnerability VCID-hs3w-mah1-ckb5
18
vulnerability VCID-mbj9-3bnb-wbda
19
vulnerability VCID-p4p5-29r5-8qh9
20
vulnerability VCID-pqj1-u787-g3aj
21
vulnerability VCID-ptg6-bwz8-pud8
22
vulnerability VCID-qztj-r7zc-jue3
23
vulnerability VCID-subj-aje2-93bk
24
vulnerability VCID-vhxq-1hqq-77bx
25
vulnerability VCID-vsv2-4d8c-m3g1
26
vulnerability VCID-w2n8-uxbb-k7f9
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.1
3
url pkg:pypi/ansible@2.9.18rc1
purl pkg:pypi/ansible@2.9.18rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8u2v-jtqe-dqg3
1
vulnerability VCID-am9g-ba4h-sfhr
2
vulnerability VCID-dkds-s3ad-cufa
3
vulnerability VCID-gm99-68bj-c3cz
4
vulnerability VCID-hjc4-jcfm-7be5
5
vulnerability VCID-p4p5-29r5-8qh9
6
vulnerability VCID-pqj1-u787-g3aj
7
vulnerability VCID-vhxq-1hqq-77bx
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.18rc1
4
url pkg:pypi/ansible@2.9.19
purl pkg:pypi/ansible@2.9.19
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-am9g-ba4h-sfhr
1
vulnerability VCID-dkds-s3ad-cufa
2
vulnerability VCID-gm99-68bj-c3cz
3
vulnerability VCID-hjc4-jcfm-7be5
4
vulnerability VCID-vhxq-1hqq-77bx
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.19
5
url pkg:pypi/ansible@2.10.6rc1
purl pkg:pypi/ansible@2.10.6rc1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.10.6rc1
aliases CVE-2021-20228, GHSA-5rrg-rr89-x9mv, PYSEC-2021-1
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8u2v-jtqe-dqg3
1
url VCID-p4p5-29r5-8qh9
vulnerability_id VCID-p4p5-29r5-8qh9
summary A flaw was found in ansible. Credentials, such as secrets, are being disclosed in console log by default and not protected by no_log feature when using those modules. An attacker can take advantage of this information to steal those credentials. The highest threat from this vulnerability is to data confidentiality. Versions before ansible 2.9.18 are affected.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20191.json
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20191.json
1
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1916813
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1916813
2
reference_url https://github.com/advisories/GHSA-8f4m-hccc-8qph
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-8f4m-hccc-8qph
3
reference_url https://github.com/ansible/ansible
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible
4
reference_url https://github.com/ansible/ansible/commit/cc82d986c40328d4ae81298a9d287c95a6326bb0
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/cc82d986c40328d4ae81298a9d287c95a6326bb0
5
reference_url https://github.com/ansible/ansible/commit/d74a1b1d1325af2a24848044cf2858987f5a3ecc
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/d74a1b1d1325af2a24848044cf2858987f5a3ecc
6
reference_url https://github.com/ansible/ansible/pull/73488
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/pull/73488
7
reference_url https://github.com/ansible/ansible/pull/73489
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/pull/73489
8
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2021-124.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2021-124.yaml
9
reference_url https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985753
reference_id 985753
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985753
11
reference_url https://access.redhat.com/security/cve/cve-2021-20191
reference_id CVE-2021-20191
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/cve-2021-20191
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-20191
reference_id CVE-2021-20191
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-20191
13
reference_url https://access.redhat.com/errata/RHSA-2021:0663
reference_id RHSA-2021:0663
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0663
14
reference_url https://access.redhat.com/errata/RHSA-2021:0664
reference_id RHSA-2021:0664
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0664
15
reference_url https://access.redhat.com/errata/RHSA-2021:1079
reference_id RHSA-2021:1079
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:1079
16
reference_url https://access.redhat.com/errata/RHSA-2021:2180
reference_id RHSA-2021:2180
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2180
fixed_packages
0
url pkg:pypi/ansible@2.8.19rc1
purl pkg:pypi/ansible@2.8.19rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-833d-up6b-rfe1
1
vulnerability VCID-8u2v-jtqe-dqg3
2
vulnerability VCID-am9g-ba4h-sfhr
3
vulnerability VCID-dkds-s3ad-cufa
4
vulnerability VCID-gm99-68bj-c3cz
5
vulnerability VCID-hjc4-jcfm-7be5
6
vulnerability VCID-p4p5-29r5-8qh9
7
vulnerability VCID-pqj1-u787-g3aj
8
vulnerability VCID-vhxq-1hqq-77bx
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.19rc1
1
url pkg:pypi/ansible@2.8.19
purl pkg:pypi/ansible@2.8.19
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-833d-up6b-rfe1
1
vulnerability VCID-8u2v-jtqe-dqg3
2
vulnerability VCID-am9g-ba4h-sfhr
3
vulnerability VCID-dkds-s3ad-cufa
4
vulnerability VCID-gm99-68bj-c3cz
5
vulnerability VCID-hjc4-jcfm-7be5
6
vulnerability VCID-pqj1-u787-g3aj
7
vulnerability VCID-vhxq-1hqq-77bx
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.19
2
url pkg:pypi/ansible@2.9.18rc1
purl pkg:pypi/ansible@2.9.18rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8u2v-jtqe-dqg3
1
vulnerability VCID-am9g-ba4h-sfhr
2
vulnerability VCID-dkds-s3ad-cufa
3
vulnerability VCID-gm99-68bj-c3cz
4
vulnerability VCID-hjc4-jcfm-7be5
5
vulnerability VCID-p4p5-29r5-8qh9
6
vulnerability VCID-pqj1-u787-g3aj
7
vulnerability VCID-vhxq-1hqq-77bx
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.18rc1
3
url pkg:pypi/ansible@2.9.18
purl pkg:pypi/ansible@2.9.18
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8u2v-jtqe-dqg3
1
vulnerability VCID-am9g-ba4h-sfhr
2
vulnerability VCID-dkds-s3ad-cufa
3
vulnerability VCID-gm99-68bj-c3cz
4
vulnerability VCID-hjc4-jcfm-7be5
5
vulnerability VCID-vhxq-1hqq-77bx
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.18
4
url pkg:pypi/ansible@2.10.7
purl pkg:pypi/ansible@2.10.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-hjc4-jcfm-7be5
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.10.7
aliases CVE-2021-20191, GHSA-8f4m-hccc-8qph, PYSEC-2021-124
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p4p5-29r5-8qh9
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.18rc1