Package Instance

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/ansible/ansible/commit/49ebd509df9de1c1fc1bcee00e79a835dd00662c

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/ansible/ansible/commit/49ebd509df9de1c1fc1bcee00e79a835dd00662c

reference_url

https://github.com/ansible/ansible/commit/e41d1f0a3fd6c466192e7e24accd3d1c6501111b

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/ansible/ansible/commit/e41d1f0a3fd6c466192e7e24accd3d1c6501111b

reference_url

https://github.com/ansible/ansible/commit/f8ff395d817c3eddc050f809919c15dfb5796120

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/ansible/ansible/commit/f8ff395d817c3eddc050f809919c15dfb5796120

reference_url

https://github.com/ansible/ansible/pull/73487

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/ansible/ansible/pull/73487

reference_url

https://github.com/ansible/ansible/pull/73492

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/ansible/ansible/pull/73492

reference_url

https://github.com/ansible/ansible/pull/73493

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/ansible/ansible/pull/73493

reference_url

https://github.com/ansible/ansible/pull/73494

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/ansible/ansible/pull/73494

reference_url

https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2021-1.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2021-1.yaml

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2021-20228

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2021-20228

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00021.html

reference_url	https://access.redhat.com/errata/RHSA-2021:0663
reference_id	RHSA-2021:0663
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0663

reference_url	https://access.redhat.com/errata/RHSA-2021:0664
reference_id	RHSA-2021:0664
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0664

reference_url	https://access.redhat.com/errata/RHSA-2021:1079
reference_id	RHSA-2021:1079
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1079

reference_url	https://access.redhat.com/errata/RHSA-2021:2180
reference_id	RHSA-2021:2180
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:2180

fixed_packages

url pkg:pypi/ansible@2.0.0.1

purl pkg:pypi/ansible@2.0.0.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4yvf-k192-9fca

vulnerability	VCID-682j-e2pu-1uee

vulnerability	VCID-ae1r-yq1g-rkem

vulnerability	VCID-atun-stks-4kcb

vulnerability	VCID-axc3-wcsk-q3eg

vulnerability	VCID-b8zs-br97-57av

vulnerability	VCID-c1xg-s3kx-gkft

vulnerability	VCID-d4ka-dk4p-kfhb

vulnerability	VCID-d7ez-s7qb-p3ay

vulnerability	VCID-drt9-vx5r-akgm

vulnerability	VCID-e3z2-ydhb-gqfg

vulnerability	VCID-ezaq-tqd3-4yd1

vulnerability	VCID-fetz-42jf-nqe8

vulnerability	VCID-fj2p-7wkh-1fhq

vulnerability	VCID-geaa-6dxx-tbcw

vulnerability	VCID-hfxe-jjf5-nqd1

vulnerability	VCID-hqar-fca3-cbht

vulnerability	VCID-jhxm-379u-subt

vulnerability	VCID-jnmu-c8dt-5yb6

vulnerability	VCID-js7k-ptm9-2yh1

vulnerability	VCID-kb5h-116p-33b4

vulnerability	VCID-puq1-z5h7-pkdg

vulnerability	VCID-q4q1-aueh-sub2

vulnerability	VCID-qbdk-hxhg-wbh4

vulnerability	VCID-r6bb-p28b-8fcn

vulnerability	VCID-rdwq-93d6-c7b4

vulnerability	VCID-rg5d-st3d-nbah

vulnerability	VCID-rknj-nkgs-wyg2

vulnerability	VCID-s1r4-29kw-5kbg

vulnerability	VCID-t6db-buke-nfhf

vulnerability	VCID-tdp4-h4ht-pqhs

vulnerability	VCID-ujbp-cc1r-wfe9

vulnerability	VCID-v3h9-1t69-v7a3

vulnerability	VCID-whyk-3ynn-zyf4

vulnerability	VCID-wqm7-2ajr-6ue8

vulnerability	VCID-x5e2-7whc-v3fc

vulnerability	VCID-x94k-nxyd-27gs

vulnerability	VCID-xw8r-fn6y-mbhp

vulnerability	VCID-yc8n-wxb4-1uaz

vulnerability	VCID-yeea-n94x-qqch

vulnerability	VCID-ykxk-6mpc-wkgt

vulnerability	VCID-yur3-am6j-w7ay

vulnerability	VCID-zmr4-652z-r3dm

vulnerability	VCID-zzzs-scbg-bbe9

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.0.0.1

url pkg:pypi/ansible@2.8.19rc1

purl pkg:pypi/ansible@2.8.19rc1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4yvf-k192-9fca

vulnerability	VCID-682j-e2pu-1uee

vulnerability	VCID-atun-stks-4kcb

vulnerability	VCID-axc3-wcsk-q3eg

vulnerability	VCID-c1xg-s3kx-gkft

vulnerability	VCID-dzdx-wae5-8ydy

vulnerability	VCID-e3z2-ydhb-gqfg

vulnerability	VCID-fj2p-7wkh-1fhq

vulnerability	VCID-geaa-6dxx-tbcw

vulnerability	VCID-js7k-ptm9-2yh1

vulnerability	VCID-qbdk-hxhg-wbh4

vulnerability	VCID-rdwq-93d6-c7b4

vulnerability	VCID-rg5d-st3d-nbah

vulnerability	VCID-ujbp-cc1r-wfe9

vulnerability	VCID-v3h9-1t69-v7a3

vulnerability	VCID-x94k-nxyd-27gs

vulnerability	VCID-xw8r-fn6y-mbhp

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.19rc1

url pkg:pypi/ansible@2.9.1

purl pkg:pypi/ansible@2.9.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3jej-4jyp-cqbt

vulnerability	VCID-4yvf-k192-9fca

vulnerability	VCID-682j-e2pu-1uee

vulnerability	VCID-a49n-tvnt-p3df

vulnerability	VCID-ae1r-yq1g-rkem

vulnerability	VCID-atun-stks-4kcb

vulnerability	VCID-axc3-wcsk-q3eg

vulnerability	VCID-b8zs-br97-57av

vulnerability	VCID-c1xg-s3kx-gkft

vulnerability	VCID-d4ka-dk4p-kfhb

vulnerability	VCID-d7ez-s7qb-p3ay

vulnerability	VCID-dzdx-wae5-8ydy

vulnerability	VCID-e3z2-ydhb-gqfg

vulnerability	VCID-ezaq-tqd3-4yd1

vulnerability	VCID-ezux-6buh-h7h7

vulnerability	VCID-fj2p-7wkh-1fhq

vulnerability	VCID-geaa-6dxx-tbcw

vulnerability	VCID-h1n3-cmte-eugf

vulnerability	VCID-hqar-fca3-cbht

vulnerability	VCID-jrxz-b168-7ug4

vulnerability	VCID-js7k-ptm9-2yh1

vulnerability	VCID-qbdk-hxhg-wbh4

vulnerability	VCID-rdwq-93d6-c7b4

vulnerability	VCID-rg5d-st3d-nbah

vulnerability	VCID-tdp4-h4ht-pqhs

vulnerability	VCID-uhg5-zpzt-e3gz

vulnerability	VCID-ujbp-cc1r-wfe9

vulnerability	VCID-v3h9-1t69-v7a3

vulnerability	VCID-whyk-3ynn-zyf4

vulnerability	VCID-x94k-nxyd-27gs

vulnerability	VCID-xg2f-12w4-yqge

vulnerability	VCID-xw8r-fn6y-mbhp

vulnerability	VCID-yeea-n94x-qqch

vulnerability	VCID-yur3-am6j-w7ay

vulnerability	VCID-zzzs-scbg-bbe9

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.1

url pkg:pypi/ansible@2.9.18rc1

purl pkg:pypi/ansible@2.9.18rc1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4yvf-k192-9fca

vulnerability	VCID-682j-e2pu-1uee

vulnerability	VCID-atun-stks-4kcb

vulnerability	VCID-axc3-wcsk-q3eg

vulnerability	VCID-c1xg-s3kx-gkft

vulnerability	VCID-dzdx-wae5-8ydy

vulnerability	VCID-e3z2-ydhb-gqfg

vulnerability	VCID-fj2p-7wkh-1fhq

vulnerability	VCID-geaa-6dxx-tbcw

vulnerability	VCID-js7k-ptm9-2yh1

vulnerability	VCID-qbdk-hxhg-wbh4

vulnerability	VCID-rg5d-st3d-nbah

vulnerability	VCID-ujbp-cc1r-wfe9

vulnerability	VCID-v3h9-1t69-v7a3

vulnerability	VCID-xw8r-fn6y-mbhp

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.18rc1

url pkg:pypi/ansible@2.9.19rc1

purl pkg:pypi/ansible@2.9.19rc1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4yvf-k192-9fca

vulnerability	VCID-682j-e2pu-1uee

vulnerability	VCID-axc3-wcsk-q3eg

vulnerability	VCID-c1xg-s3kx-gkft

vulnerability	VCID-dzdx-wae5-8ydy

vulnerability	VCID-e3z2-ydhb-gqfg

vulnerability	VCID-geaa-6dxx-tbcw

vulnerability	VCID-qbdk-hxhg-wbh4

vulnerability	VCID-rg5d-st3d-nbah

vulnerability	VCID-ujbp-cc1r-wfe9

vulnerability	VCID-v3h9-1t69-v7a3

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.19rc1

url pkg:pypi/ansible@2.9.19

purl pkg:pypi/ansible@2.9.19

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4yvf-k192-9fca

vulnerability	VCID-682j-e2pu-1uee

vulnerability	VCID-axc3-wcsk-q3eg

vulnerability	VCID-c1xg-s3kx-gkft

vulnerability	VCID-dzdx-wae5-8ydy

vulnerability	VCID-geaa-6dxx-tbcw

vulnerability	VCID-qbdk-hxhg-wbh4

vulnerability	VCID-rg5d-st3d-nbah

vulnerability	VCID-ujbp-cc1r-wfe9

vulnerability	VCID-v3h9-1t69-v7a3

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.19

url	pkg:pypi/ansible@2.10.6rc1
purl	pkg:pypi/ansible@2.10.6rc1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.10.6rc1

url pkg:pypi/ansible@2.10.6

purl pkg:pypi/ansible@2.10.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4yvf-k192-9fca

vulnerability	VCID-682j-e2pu-1uee

vulnerability	VCID-axc3-wcsk-q3eg

vulnerability	VCID-qbdk-hxhg-wbh4

vulnerability	VCID-ujbp-cc1r-wfe9

vulnerability	VCID-xw8r-fn6y-mbhp

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.10.6

aliases CVE-2021-20228, GHSA-5rrg-rr89-x9mv, PYSEC-2021-1

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e3z2-ydhb-gqfg

url VCID-jnmu-c8dt-5yb6

vulnerability_id VCID-jnmu-c8dt-5yb6

summary A vulnerability was found in Ansible engine 2.x up to 2.8 and Ansible tower 3.x up to 3.5. When a module has an argument_spec with sub parameters marked as no_log, passing an invalid parameter name to the module will cause the task to fail before the no_log options in the sub parameters are processed. As a result, data in the sub parameter fields will not be masked and will be displayed if Ansible is run with increased verbosity and present in the module invocation arguments for the task.

references

reference_url

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	6.8
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00021.html

reference_url

http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00026.html

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	6.8
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00026.html

reference_url

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	6.8
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	6.8
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	6.8
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	6.8
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	6.8
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14858.json

reference_url

reference_id

reference_type

scores

value	5.0
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14858.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-14858

reference_id

reference_type

scores

value	0.00041
scoring_system	epss
scoring_elements	0.12329
published_at	2026-04-21T12:55:00Z

value	0.00059
scoring_system	epss
scoring_elements	0.18479
published_at	2026-04-01T12:55:00Z

value	0.00059
scoring_system	epss
scoring_elements	0.18387
published_at	2026-04-18T12:55:00Z

value	0.00059
scoring_system	epss
scoring_elements	0.18374
published_at	2026-04-16T12:55:00Z

value	0.00059
scoring_system	epss
scoring_elements	0.1843
published_at	2026-04-13T12:55:00Z

value	0.00059
scoring_system	epss
scoring_elements	0.18481
published_at	2026-04-12T12:55:00Z

value	0.00059
scoring_system	epss
scoring_elements	0.18529
published_at	2026-04-11T12:55:00Z

value	0.00059
scoring_system	epss
scoring_elements	0.18528
published_at	2026-04-09T12:55:00Z

value	0.00059
scoring_system	epss
scoring_elements	0.18475
published_at	2026-04-08T12:55:00Z

value	0.00059
scoring_system	epss
scoring_elements	0.18394
published_at	2026-04-07T12:55:00Z

value	0.00059
scoring_system	epss
scoring_elements	0.18679
published_at	2026-04-04T12:55:00Z

value	0.00059
scoring_system	epss
scoring_elements	0.18624
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-14858

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14858

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	6.8
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14858

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14858
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14858

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	2.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	6.8
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/ansible/ansible/commit/0fd656e9964a91f2e8b1e9bbf78c74661ab9d37b

reference_url

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	6.8
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/ansible/ansible/commit/0fd656e9964a91f2e8b1e9bbf78c74661ab9d37b

reference_url

https://github.com/ansible/ansible/commit/3dfb8e81bb5f776a6b00c7a90dd087e85b71f8bb

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	6.8
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/ansible/ansible/commit/3dfb8e81bb5f776a6b00c7a90dd087e85b71f8bb

reference_url

https://github.com/ansible/ansible/commit/87f8d77d70476454f7fe2381bd363a329ce4266c

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	6.8
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/ansible/ansible/commit/87f8d77d70476454f7fe2381bd363a329ce4266c

reference_url

https://github.com/ansible/ansible/commit/f610ed3a4eb87eb557200606279796921fa9b722

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	6.8
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/ansible/ansible/commit/f610ed3a4eb87eb557200606279796921fa9b722

reference_url

https://github.com/ansible/ansible/pull/63405

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	6.8
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/ansible/ansible/pull/63405

reference_url

https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2019-171.yaml

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	6.8
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2019-171.yaml

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-14858

reference_id

reference_type

scores

value	2.1
scoring_system	cvssv2
scoring_elements	AV:L/AC:L/Au:N/C:P/I:N/A:N

value	7.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	6.8
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2019-14858

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1760593
reference_id	1760593
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1760593

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942332
reference_id	942332
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942332

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_engine::::::::
reference_id	cpe:2.3:a:redhat:ansible_engine::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_engine::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_tower::::::::
reference_id	cpe:2.3:a:redhat:ansible_tower::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_tower::::::::

reference_url

https://github.com/advisories/GHSA-h653-95qw-h2mp

reference_id

GHSA-h653-95qw-h2mp

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-h653-95qw-h2mp

fixed_packages

url pkg:pypi/ansible@2.6.20

purl pkg:pypi/ansible@2.6.20

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4yvf-k192-9fca

vulnerability	VCID-682j-e2pu-1uee

vulnerability	VCID-ae1r-yq1g-rkem

vulnerability	VCID-atun-stks-4kcb

vulnerability	VCID-axc3-wcsk-q3eg

vulnerability	VCID-b8zs-br97-57av

vulnerability	VCID-c1xg-s3kx-gkft

vulnerability	VCID-d4ka-dk4p-kfhb

vulnerability	VCID-d7ez-s7qb-p3ay

vulnerability	VCID-dzdx-wae5-8ydy

vulnerability	VCID-e3z2-ydhb-gqfg

vulnerability	VCID-ezaq-tqd3-4yd1

vulnerability	VCID-fj2p-7wkh-1fhq

vulnerability	VCID-geaa-6dxx-tbcw

vulnerability	VCID-hqar-fca3-cbht

vulnerability	VCID-jnmu-c8dt-5yb6

vulnerability	VCID-js7k-ptm9-2yh1

vulnerability	VCID-qbdk-hxhg-wbh4

vulnerability	VCID-rdwq-93d6-c7b4

vulnerability	VCID-rg5d-st3d-nbah

vulnerability	VCID-tdp4-h4ht-pqhs

vulnerability	VCID-ujbp-cc1r-wfe9

vulnerability	VCID-v3h9-1t69-v7a3

vulnerability	VCID-whyk-3ynn-zyf4

vulnerability	VCID-x94k-nxyd-27gs

vulnerability	VCID-xw8r-fn6y-mbhp

vulnerability	VCID-yeea-n94x-qqch

vulnerability	VCID-yur3-am6j-w7ay

vulnerability	VCID-zzzs-scbg-bbe9

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.6.20

url pkg:pypi/ansible@2.7.14

purl pkg:pypi/ansible@2.7.14

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4yvf-k192-9fca

vulnerability	VCID-682j-e2pu-1uee

vulnerability	VCID-a49n-tvnt-p3df

vulnerability	VCID-ae1r-yq1g-rkem

vulnerability	VCID-atun-stks-4kcb

vulnerability	VCID-axc3-wcsk-q3eg

vulnerability	VCID-b8zs-br97-57av

vulnerability	VCID-c1xg-s3kx-gkft

vulnerability	VCID-d4ka-dk4p-kfhb

vulnerability	VCID-d7ez-s7qb-p3ay

vulnerability	VCID-dagf-buer-4ffr

vulnerability	VCID-dzdx-wae5-8ydy

vulnerability	VCID-e3z2-ydhb-gqfg

vulnerability	VCID-ezaq-tqd3-4yd1

vulnerability	VCID-ezux-6buh-h7h7

vulnerability	VCID-fj2p-7wkh-1fhq

vulnerability	VCID-geaa-6dxx-tbcw

vulnerability	VCID-h1n3-cmte-eugf

vulnerability	VCID-hqar-fca3-cbht

vulnerability	VCID-jnmu-c8dt-5yb6

vulnerability	VCID-js7k-ptm9-2yh1

vulnerability	VCID-qbdk-hxhg-wbh4

vulnerability	VCID-r6bb-p28b-8fcn

vulnerability	VCID-rdwq-93d6-c7b4

vulnerability	VCID-rg5d-st3d-nbah

vulnerability	VCID-tdp4-h4ht-pqhs

vulnerability	VCID-uhg5-zpzt-e3gz

vulnerability	VCID-ujbp-cc1r-wfe9

vulnerability	VCID-v3h9-1t69-v7a3

vulnerability	VCID-whyk-3ynn-zyf4

vulnerability	VCID-x94k-nxyd-27gs

vulnerability	VCID-xg2f-12w4-yqge

vulnerability	VCID-xw8r-fn6y-mbhp

vulnerability	VCID-yeea-n94x-qqch

vulnerability	VCID-yur3-am6j-w7ay

vulnerability	VCID-zzzs-scbg-bbe9

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.7.14

url pkg:pypi/ansible@2.8.1

purl pkg:pypi/ansible@2.8.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4yvf-k192-9fca

vulnerability	VCID-682j-e2pu-1uee

vulnerability	VCID-7uu9-tj6b-quf6

vulnerability	VCID-a49n-tvnt-p3df

vulnerability	VCID-ae1r-yq1g-rkem

vulnerability	VCID-atun-stks-4kcb

vulnerability	VCID-axc3-wcsk-q3eg

vulnerability	VCID-b8zs-br97-57av

vulnerability	VCID-c1xg-s3kx-gkft

vulnerability	VCID-ckt2-us5z-pyef

vulnerability	VCID-d4ka-dk4p-kfhb

vulnerability	VCID-d7ez-s7qb-p3ay

vulnerability	VCID-dagf-buer-4ffr

vulnerability	VCID-dzdx-wae5-8ydy

vulnerability	VCID-e3z2-ydhb-gqfg

vulnerability	VCID-ezaq-tqd3-4yd1

vulnerability	VCID-ezux-6buh-h7h7

vulnerability	VCID-fj2p-7wkh-1fhq

vulnerability	VCID-geaa-6dxx-tbcw

vulnerability	VCID-h1n3-cmte-eugf

vulnerability	VCID-hqar-fca3-cbht

vulnerability	VCID-jnmu-c8dt-5yb6

vulnerability	VCID-jrxz-b168-7ug4

vulnerability	VCID-js7k-ptm9-2yh1

vulnerability	VCID-kb5h-116p-33b4

vulnerability	VCID-nukv-kkws-xkb1

vulnerability	VCID-qbdk-hxhg-wbh4

vulnerability	VCID-rdwq-93d6-c7b4

vulnerability	VCID-rg5d-st3d-nbah

vulnerability	VCID-swpr-3qae-d7fe

vulnerability	VCID-t6db-buke-nfhf

vulnerability	VCID-tdp4-h4ht-pqhs

vulnerability	VCID-uhg5-zpzt-e3gz

vulnerability	VCID-ujbp-cc1r-wfe9

vulnerability	VCID-v3h9-1t69-v7a3

vulnerability	VCID-whyk-3ynn-zyf4

vulnerability	VCID-x5e2-7whc-v3fc

vulnerability	VCID-x94k-nxyd-27gs

vulnerability	VCID-xg2f-12w4-yqge

vulnerability	VCID-xw8r-fn6y-mbhp

vulnerability	VCID-yeea-n94x-qqch

vulnerability	VCID-ykxk-6mpc-wkgt

vulnerability	VCID-yur3-am6j-w7ay

vulnerability	VCID-zzzs-scbg-bbe9

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.1

url pkg:pypi/ansible@2.8.6

purl pkg:pypi/ansible@2.8.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4yvf-k192-9fca

vulnerability	VCID-682j-e2pu-1uee

vulnerability	VCID-a49n-tvnt-p3df

vulnerability	VCID-ae1r-yq1g-rkem

vulnerability	VCID-atun-stks-4kcb

vulnerability	VCID-axc3-wcsk-q3eg

vulnerability	VCID-b8zs-br97-57av

vulnerability	VCID-c1xg-s3kx-gkft

vulnerability	VCID-d4ka-dk4p-kfhb

vulnerability	VCID-d7ez-s7qb-p3ay

vulnerability	VCID-dagf-buer-4ffr

vulnerability	VCID-dzdx-wae5-8ydy

vulnerability	VCID-e3z2-ydhb-gqfg

vulnerability	VCID-ezaq-tqd3-4yd1

vulnerability	VCID-ezux-6buh-h7h7

vulnerability	VCID-fj2p-7wkh-1fhq

vulnerability	VCID-geaa-6dxx-tbcw

vulnerability	VCID-h1n3-cmte-eugf

vulnerability	VCID-hqar-fca3-cbht

vulnerability	VCID-jrxz-b168-7ug4

vulnerability	VCID-js7k-ptm9-2yh1

vulnerability	VCID-qbdk-hxhg-wbh4

vulnerability	VCID-rdwq-93d6-c7b4

vulnerability	VCID-rg5d-st3d-nbah

vulnerability	VCID-tdp4-h4ht-pqhs

vulnerability	VCID-uhg5-zpzt-e3gz

vulnerability	VCID-ujbp-cc1r-wfe9

vulnerability	VCID-v3h9-1t69-v7a3

vulnerability	VCID-whyk-3ynn-zyf4

vulnerability	VCID-x94k-nxyd-27gs

vulnerability	VCID-xg2f-12w4-yqge

vulnerability	VCID-xw8r-fn6y-mbhp

vulnerability	VCID-yeea-n94x-qqch

vulnerability	VCID-yur3-am6j-w7ay

vulnerability	VCID-zzzs-scbg-bbe9

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.6

url pkg:pypi/ansible@2.9.0rc4

purl pkg:pypi/ansible@2.9.0rc4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3jej-4jyp-cqbt

vulnerability	VCID-4yvf-k192-9fca

vulnerability	VCID-682j-e2pu-1uee

vulnerability	VCID-a49n-tvnt-p3df

vulnerability	VCID-ae1r-yq1g-rkem

vulnerability	VCID-atun-stks-4kcb

vulnerability	VCID-axc3-wcsk-q3eg

vulnerability	VCID-b8zs-br97-57av

vulnerability	VCID-c1xg-s3kx-gkft

vulnerability	VCID-d4ka-dk4p-kfhb

vulnerability	VCID-d7ez-s7qb-p3ay

vulnerability	VCID-dzdx-wae5-8ydy

vulnerability	VCID-e3z2-ydhb-gqfg

vulnerability	VCID-ezaq-tqd3-4yd1

vulnerability	VCID-ezux-6buh-h7h7

vulnerability	VCID-fj2p-7wkh-1fhq

vulnerability	VCID-geaa-6dxx-tbcw

vulnerability	VCID-h1n3-cmte-eugf

vulnerability	VCID-hqar-fca3-cbht

vulnerability	VCID-jrxz-b168-7ug4

vulnerability	VCID-js7k-ptm9-2yh1

vulnerability	VCID-qbdk-hxhg-wbh4

vulnerability	VCID-rdwq-93d6-c7b4

vulnerability	VCID-rg5d-st3d-nbah

vulnerability	VCID-uhg5-zpzt-e3gz

vulnerability	VCID-ujbp-cc1r-wfe9

vulnerability	VCID-v3h9-1t69-v7a3

vulnerability	VCID-whyk-3ynn-zyf4

vulnerability	VCID-x94k-nxyd-27gs

vulnerability	VCID-xg2f-12w4-yqge

vulnerability	VCID-xw8r-fn6y-mbhp

vulnerability	VCID-yeea-n94x-qqch

vulnerability	VCID-yur3-am6j-w7ay

vulnerability	VCID-zzzs-scbg-bbe9

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.0rc4

aliases CVE-2019-14858, GHSA-h653-95qw-h2mp, PYSEC-2019-171

risk_score 3.3

exploitability 0.5

weighted_severity 6.6

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jnmu-c8dt-5yb6

url VCID-kb5h-116p-33b4

vulnerability_id VCID-kb5h-116p-33b4

summary In Ansible, all Ansible Engine versions up to ansible-engine 2.8.5, ansible-engine 2.7.13, ansible-engine 2.6.19, were logging at the DEBUG level which lead to a disclosure of credentials if a plugin used a library that logged credentials at the DEBUG level. This flaw does not affect Ansible modules, as those are executed in a separate process.

references

reference_url

http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00021.html

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	8.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00021.html

reference_url

http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00026.html

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	8.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00026.html

reference_url

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	8.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	8.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	8.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	8.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	8.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14846.json

reference_url

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14846.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-14846

reference_id

reference_type

scores

value	0.00116
scoring_system	epss
scoring_elements	0.3028
published_at	2026-04-21T12:55:00Z

value	0.00127
scoring_system	epss
scoring_elements	0.31978
published_at	2026-04-16T12:55:00Z

value	0.00127
scoring_system	epss
scoring_elements	0.31957
published_at	2026-04-18T12:55:00Z

value	0.00153
scoring_system	epss
scoring_elements	0.36104
published_at	2026-04-02T12:55:00Z

value	0.00153
scoring_system	epss
scoring_elements	0.36134
published_at	2026-04-04T12:55:00Z

value	0.00153
scoring_system	epss
scoring_elements	0.3597
published_at	2026-04-07T12:55:00Z

value	0.00153
scoring_system	epss
scoring_elements	0.36019
published_at	2026-04-08T12:55:00Z

value	0.00153
scoring_system	epss
scoring_elements	0.36043
published_at	2026-04-09T12:55:00Z

value	0.00153
scoring_system	epss
scoring_elements	0.36048
published_at	2026-04-11T12:55:00Z

value	0.00153
scoring_system	epss
scoring_elements	0.3601
published_at	2026-04-12T12:55:00Z

value	0.00153
scoring_system	epss
scoring_elements	0.35985
published_at	2026-04-13T12:55:00Z

value	0.00153
scoring_system	epss
scoring_elements	0.35913
published_at	2026-04-01T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-14846

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14846

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	8.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14846

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10156
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10156

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10206
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10206

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14846
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14846

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14864
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14864

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14904
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14904

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10684
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10684

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10685
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10685

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10729
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10729

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14330
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14330

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14332
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14332

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14365
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14365

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1733
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1733

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1735
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1735

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1739
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1739

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1740
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1740

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1746
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1746

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1753
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1753

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20228
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20228

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	2.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	8.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/ansible/ansible/commit/90e74dd2600e5cc42dd9b4f4656f3d651c4ce5c4

reference_url

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	8.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/ansible/ansible/commit/90e74dd2600e5cc42dd9b4f4656f3d651c4ce5c4

reference_url

https://github.com/ansible/ansible/commit/cb0f535a8b254a2daf69cd067e842fabb2993034

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	8.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/ansible/ansible/commit/cb0f535a8b254a2daf69cd067e842fabb2993034

reference_url

https://github.com/ansible/ansible/commit/d961f676c01023a6a21503df16ba551a550e515b

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	8.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/ansible/ansible/commit/d961f676c01023a6a21503df16ba551a550e515b

reference_url

https://github.com/ansible/ansible/pull/63366

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	8.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/ansible/ansible/pull/63366

reference_url

https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2019-4.yaml

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	8.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2019-4.yaml

reference_url

https://lists.debian.org/debian-lts-announce/2020/05/msg00005.html

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	8.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2020/05/msg00005.html

reference_url

https://lists.debian.org/debian-lts-announce/2021/01/msg00023.html

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	8.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2021/01/msg00023.html

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-14846

reference_id

reference_type

scores

value	2.1
scoring_system	cvssv2
scoring_elements	AV:L/AC:L/Au:N/C:P/I:N/A:N

value	7.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	8.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2019-14846

reference_url

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	8.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/advisories/GHSA-pm48-cvv2-29q5

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1755373
reference_id	1755373
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1755373

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942188
reference_id	942188
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942188

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:sp1::::::
reference_id	cpe:2.3:a:opensuse:backports_sle:15.0:sp1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:sp1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_engine::::::::
reference_id	cpe:2.3:a:redhat:ansible_engine::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_engine::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_engine:2.0:::::::*
reference_id	cpe:2.3:a:redhat:ansible_engine:2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_engine:2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_engine:2.8.0:::::::*
reference_id	cpe:2.3:a:redhat:ansible_engine:2.8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_engine:2.8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:13:::::::*
reference_id	cpe:2.3:a:redhat:openstack:13:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:13:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:10.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:15.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:8.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:8.0:::::::*

reference_url

reference_id

GHSA-pm48-cvv2-29q5

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-pm48-cvv2-29q5

reference_url	https://usn.ubuntu.com/7330-1/
reference_id	USN-7330-1
reference_type
scores
url	https://usn.ubuntu.com/7330-1/

fixed_packages

url pkg:pypi/ansible@2.6.20

purl pkg:pypi/ansible@2.6.20

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4yvf-k192-9fca

vulnerability	VCID-682j-e2pu-1uee

vulnerability	VCID-ae1r-yq1g-rkem

vulnerability	VCID-atun-stks-4kcb

vulnerability	VCID-axc3-wcsk-q3eg

vulnerability	VCID-b8zs-br97-57av

vulnerability	VCID-c1xg-s3kx-gkft

vulnerability	VCID-d4ka-dk4p-kfhb

vulnerability	VCID-d7ez-s7qb-p3ay

vulnerability	VCID-dzdx-wae5-8ydy

vulnerability	VCID-e3z2-ydhb-gqfg

vulnerability	VCID-ezaq-tqd3-4yd1

vulnerability	VCID-fj2p-7wkh-1fhq

vulnerability	VCID-geaa-6dxx-tbcw

vulnerability	VCID-hqar-fca3-cbht

vulnerability	VCID-jnmu-c8dt-5yb6

vulnerability	VCID-js7k-ptm9-2yh1

vulnerability	VCID-qbdk-hxhg-wbh4

vulnerability	VCID-rdwq-93d6-c7b4

vulnerability	VCID-rg5d-st3d-nbah

vulnerability	VCID-tdp4-h4ht-pqhs

vulnerability	VCID-ujbp-cc1r-wfe9

vulnerability	VCID-v3h9-1t69-v7a3

vulnerability	VCID-whyk-3ynn-zyf4

vulnerability	VCID-x94k-nxyd-27gs

vulnerability	VCID-xw8r-fn6y-mbhp

vulnerability	VCID-yeea-n94x-qqch

vulnerability	VCID-yur3-am6j-w7ay

vulnerability	VCID-zzzs-scbg-bbe9

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.6.20

url pkg:pypi/ansible@2.7.14

purl pkg:pypi/ansible@2.7.14

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4yvf-k192-9fca

vulnerability	VCID-682j-e2pu-1uee

vulnerability	VCID-a49n-tvnt-p3df

vulnerability	VCID-ae1r-yq1g-rkem

vulnerability	VCID-atun-stks-4kcb

vulnerability	VCID-axc3-wcsk-q3eg

vulnerability	VCID-b8zs-br97-57av

vulnerability	VCID-c1xg-s3kx-gkft

vulnerability	VCID-d4ka-dk4p-kfhb

vulnerability	VCID-d7ez-s7qb-p3ay

vulnerability	VCID-dagf-buer-4ffr

vulnerability	VCID-dzdx-wae5-8ydy

vulnerability	VCID-e3z2-ydhb-gqfg

vulnerability	VCID-ezaq-tqd3-4yd1

vulnerability	VCID-ezux-6buh-h7h7

vulnerability	VCID-fj2p-7wkh-1fhq

vulnerability	VCID-geaa-6dxx-tbcw

vulnerability	VCID-h1n3-cmte-eugf

vulnerability	VCID-hqar-fca3-cbht

vulnerability	VCID-jnmu-c8dt-5yb6

vulnerability	VCID-js7k-ptm9-2yh1

vulnerability	VCID-qbdk-hxhg-wbh4

vulnerability	VCID-r6bb-p28b-8fcn

vulnerability	VCID-rdwq-93d6-c7b4

vulnerability	VCID-rg5d-st3d-nbah

vulnerability	VCID-tdp4-h4ht-pqhs

vulnerability	VCID-uhg5-zpzt-e3gz

vulnerability	VCID-ujbp-cc1r-wfe9

vulnerability	VCID-v3h9-1t69-v7a3

vulnerability	VCID-whyk-3ynn-zyf4

vulnerability	VCID-x94k-nxyd-27gs

vulnerability	VCID-xg2f-12w4-yqge

vulnerability	VCID-xw8r-fn6y-mbhp

vulnerability	VCID-yeea-n94x-qqch

vulnerability	VCID-yur3-am6j-w7ay

vulnerability	VCID-zzzs-scbg-bbe9

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.7.14

url pkg:pypi/ansible@2.8.6

purl pkg:pypi/ansible@2.8.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4yvf-k192-9fca

vulnerability	VCID-682j-e2pu-1uee

vulnerability	VCID-a49n-tvnt-p3df

vulnerability	VCID-ae1r-yq1g-rkem

vulnerability	VCID-atun-stks-4kcb

vulnerability	VCID-axc3-wcsk-q3eg

vulnerability	VCID-b8zs-br97-57av

vulnerability	VCID-c1xg-s3kx-gkft

vulnerability	VCID-d4ka-dk4p-kfhb

vulnerability	VCID-d7ez-s7qb-p3ay

vulnerability	VCID-dagf-buer-4ffr

vulnerability	VCID-dzdx-wae5-8ydy

vulnerability	VCID-e3z2-ydhb-gqfg

vulnerability	VCID-ezaq-tqd3-4yd1

vulnerability	VCID-ezux-6buh-h7h7

vulnerability	VCID-fj2p-7wkh-1fhq

vulnerability	VCID-geaa-6dxx-tbcw

vulnerability	VCID-h1n3-cmte-eugf

vulnerability	VCID-hqar-fca3-cbht

vulnerability	VCID-jrxz-b168-7ug4

vulnerability	VCID-js7k-ptm9-2yh1

vulnerability	VCID-qbdk-hxhg-wbh4

vulnerability	VCID-rdwq-93d6-c7b4

vulnerability	VCID-rg5d-st3d-nbah

vulnerability	VCID-tdp4-h4ht-pqhs

vulnerability	VCID-uhg5-zpzt-e3gz

vulnerability	VCID-ujbp-cc1r-wfe9

vulnerability	VCID-v3h9-1t69-v7a3

vulnerability	VCID-whyk-3ynn-zyf4

vulnerability	VCID-x94k-nxyd-27gs

vulnerability	VCID-xg2f-12w4-yqge

vulnerability	VCID-xw8r-fn6y-mbhp

vulnerability	VCID-yeea-n94x-qqch

vulnerability	VCID-yur3-am6j-w7ay

vulnerability	VCID-zzzs-scbg-bbe9

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.6

url pkg:pypi/ansible@2.9.0b1

purl pkg:pypi/ansible@2.9.0b1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3jej-4jyp-cqbt

vulnerability	VCID-4yvf-k192-9fca

vulnerability	VCID-682j-e2pu-1uee

vulnerability	VCID-a49n-tvnt-p3df

vulnerability	VCID-ae1r-yq1g-rkem

vulnerability	VCID-atun-stks-4kcb

vulnerability	VCID-axc3-wcsk-q3eg

vulnerability	VCID-b8zs-br97-57av

vulnerability	VCID-c1xg-s3kx-gkft

vulnerability	VCID-d4ka-dk4p-kfhb

vulnerability	VCID-d7ez-s7qb-p3ay

vulnerability	VCID-dzdx-wae5-8ydy

vulnerability	VCID-e3z2-ydhb-gqfg

vulnerability	VCID-ezaq-tqd3-4yd1

vulnerability	VCID-ezux-6buh-h7h7

vulnerability	VCID-fj2p-7wkh-1fhq

vulnerability	VCID-geaa-6dxx-tbcw

vulnerability	VCID-h1n3-cmte-eugf

vulnerability	VCID-hqar-fca3-cbht

vulnerability	VCID-jnmu-c8dt-5yb6

vulnerability	VCID-jrxz-b168-7ug4

vulnerability	VCID-js7k-ptm9-2yh1

vulnerability	VCID-qbdk-hxhg-wbh4

vulnerability	VCID-rdwq-93d6-c7b4

vulnerability	VCID-rg5d-st3d-nbah

vulnerability	VCID-uhg5-zpzt-e3gz

vulnerability	VCID-ujbp-cc1r-wfe9

vulnerability	VCID-v3h9-1t69-v7a3

vulnerability	VCID-whyk-3ynn-zyf4

vulnerability	VCID-x94k-nxyd-27gs

vulnerability	VCID-xg2f-12w4-yqge

vulnerability	VCID-xw8r-fn6y-mbhp

vulnerability	VCID-yeea-n94x-qqch

vulnerability	VCID-yur3-am6j-w7ay

vulnerability	VCID-zzzs-scbg-bbe9

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.0b1

aliases CVE-2019-14846, GHSA-pm48-cvv2-29q5, PYSEC-2019-4

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kb5h-116p-33b4

url VCID-rknj-nkgs-wyg2

vulnerability_id VCID-rknj-nkgs-wyg2

summary Ansible "User" module leaks any data which is passed on as a parameter to ssh-keygen. This could lean in undesirable situations such as passphrases credentials passed as a parameter for the ssh-keygen executable. Showing those credentials in clear text form for every user which have access just to the process list.

references

reference_url

http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00021.html

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	8.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00021.html

reference_url

http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00077.html

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	8.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00077.html

reference_url

http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00020.html

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	8.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00020.html

reference_url

https://access.redhat.com/errata/RHSA-2018:3460

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	8.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2018:3460

reference_url

https://access.redhat.com/errata/RHSA-2018:3461

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	8.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2018:3461

reference_url

https://access.redhat.com/errata/RHSA-2018:3462

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	8.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2018:3462

reference_url

https://access.redhat.com/errata/RHSA-2018:3463

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	8.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2018:3463

reference_url

https://access.redhat.com/errata/RHSA-2018:3505

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	8.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2018:3505

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16837.json

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16837.json

reference_url

https://access.redhat.com/security/cve/cve-2018-16837

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	8.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/security/cve/cve-2018-16837

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-16837

reference_id

reference_type

scores

value	0.0004
scoring_system	epss
scoring_elements	0.1223
published_at	2026-04-07T12:55:00Z

value	0.0004
scoring_system	epss
scoring_elements	0.12309
published_at	2026-04-08T12:55:00Z

value	0.0004
scoring_system	epss
scoring_elements	0.1236
published_at	2026-04-09T12:55:00Z

value	0.0004
scoring_system	epss
scoring_elements	0.12367
published_at	2026-04-11T12:55:00Z

value	0.0004
scoring_system	epss
scoring_elements	0.12329
published_at	2026-04-12T12:55:00Z

value	0.0004
scoring_system	epss
scoring_elements	0.12291
published_at	2026-04-13T12:55:00Z

value	0.0004
scoring_system	epss
scoring_elements	0.12189
published_at	2026-04-16T12:55:00Z

value	0.0004
scoring_system	epss
scoring_elements	0.12191
published_at	2026-04-18T12:55:00Z

value	0.0004
scoring_system	epss
scoring_elements	0.1227
published_at	2026-04-01T12:55:00Z

value	0.0004
scoring_system	epss
scoring_elements	0.12385
published_at	2026-04-02T12:55:00Z

value	0.0004
scoring_system	epss
scoring_elements	0.12429
published_at	2026-04-04T12:55:00Z

value	0.00049
scoring_system	epss
scoring_elements	0.14935
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-16837

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16837

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	8.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16837

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10855
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10855

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10875
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10875

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16837
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16837

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16876
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16876

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3828
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3828

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	8.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/ansible/ansible/blob/c963ef1dfbf73efea5106624eb48b346f01eaefd/changelogs/CHANGELOG-v2.7.rst?plain=1#L138

reference_url

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	8.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/ansible/ansible/blob/c963ef1dfbf73efea5106624eb48b346f01eaefd/changelogs/CHANGELOG-v2.7.rst?plain=1#L138

reference_url	https://github.com/ansible/ansible/blob/stable-2.5/changelogs/CHANGELOG-v2.5.rst#v2511
reference_id
reference_type
scores
url	https://github.com/ansible/ansible/blob/stable-2.5/changelogs/CHANGELOG-v2.5.rst#v2511

reference_url	https://github.com/ansible/ansible/blob/stable-2.6/changelogs/CHANGELOG-v2.6.rst#v267
reference_id
reference_type
scores
url	https://github.com/ansible/ansible/blob/stable-2.6/changelogs/CHANGELOG-v2.6.rst#v267

reference_url	https://github.com/ansible/ansible/blob/stable-2.7/changelogs/CHANGELOG-v2.7.rst#v2-7-1
reference_id
reference_type
scores
url	https://github.com/ansible/ansible/blob/stable-2.7/changelogs/CHANGELOG-v2.7.rst#v2-7-1

reference_url

https://github.com/ansible/ansible/commit/77928e6c3a2ad878b20312ce5d74d9d7741e0df0

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	8.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/ansible/ansible/commit/77928e6c3a2ad878b20312ce5d74d9d7741e0df0

reference_url	https://github.com/ansible/ansible/commit/a0aa53d1a1d6075a7ae98ace138712ee6cb45ae4
reference_id
reference_type
scores
url	https://github.com/ansible/ansible/commit/a0aa53d1a1d6075a7ae98ace138712ee6cb45ae4

reference_url

https://github.com/ansible/ansible/commit/b618339c321c387230d3ea523e80ad47af3de5cf

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	8.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/ansible/ansible/commit/b618339c321c387230d3ea523e80ad47af3de5cf

reference_url

https://github.com/ansible/ansible/commit/f50cc0b8cb399bb7b7c1ad23b94c9404f0cc6d23

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	8.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/ansible/ansible/commit/f50cc0b8cb399bb7b7c1ad23b94c9404f0cc6d23

reference_url

https://github.com/ansible/ansible/pull/47436

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	8.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/ansible/ansible/pull/47436

reference_url

https://github.com/ansible/ansible/pull/47445

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	8.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/ansible/ansible/pull/47445

reference_url

https://github.com/ansible/ansible/pull/47486

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	8.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/ansible/ansible/pull/47486

reference_url

https://github.com/ansible/ansible/pull/47487

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	8.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/ansible/ansible/pull/47487

reference_url

https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2018-44.yaml

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	8.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2018-44.yaml

reference_url

https://lists.debian.org/debian-lts-announce/2018/11/msg00012.html

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	8.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2018/11/msg00012.html

reference_url

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	8.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20200227105539/http://www.securityfocus.com/bid/105700

reference_url	https://usn.ubuntu.com/4072-1/
reference_id
reference_type
scores
url	https://usn.ubuntu.com/4072-1/

reference_url

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	8.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20200227105539/http://www.securityfocus.com/bid/105700

reference_url

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	8.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2018-16837

reference_url	http://www.securityfocus.com/bid/105700
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/105700

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1640642
reference_id	1640642
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1640642

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=912297
reference_id	912297
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=912297

reference_url

reference_id

CVE-2018-16837

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	8.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2018-16837

reference_url

https://github.com/advisories/GHSA-hwrm-63v2-42g4

reference_id

GHSA-hwrm-63v2-42g4

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-hwrm-63v2-42g4

fixed_packages

url pkg:pypi/ansible@2.0.0.1

purl pkg:pypi/ansible@2.0.0.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4yvf-k192-9fca

vulnerability	VCID-682j-e2pu-1uee

vulnerability	VCID-ae1r-yq1g-rkem

vulnerability	VCID-atun-stks-4kcb

vulnerability	VCID-axc3-wcsk-q3eg

vulnerability	VCID-b8zs-br97-57av

vulnerability	VCID-c1xg-s3kx-gkft

vulnerability	VCID-d4ka-dk4p-kfhb

vulnerability	VCID-d7ez-s7qb-p3ay

vulnerability	VCID-drt9-vx5r-akgm

vulnerability	VCID-e3z2-ydhb-gqfg

vulnerability	VCID-ezaq-tqd3-4yd1

vulnerability	VCID-fetz-42jf-nqe8

vulnerability	VCID-fj2p-7wkh-1fhq

vulnerability	VCID-geaa-6dxx-tbcw

vulnerability	VCID-hfxe-jjf5-nqd1

vulnerability	VCID-hqar-fca3-cbht

vulnerability	VCID-jhxm-379u-subt

vulnerability	VCID-jnmu-c8dt-5yb6

vulnerability	VCID-js7k-ptm9-2yh1

vulnerability	VCID-kb5h-116p-33b4

vulnerability	VCID-puq1-z5h7-pkdg

vulnerability	VCID-q4q1-aueh-sub2

vulnerability	VCID-qbdk-hxhg-wbh4

vulnerability	VCID-r6bb-p28b-8fcn

vulnerability	VCID-rdwq-93d6-c7b4

vulnerability	VCID-rg5d-st3d-nbah

vulnerability	VCID-rknj-nkgs-wyg2

vulnerability	VCID-s1r4-29kw-5kbg

vulnerability	VCID-t6db-buke-nfhf

vulnerability	VCID-tdp4-h4ht-pqhs

vulnerability	VCID-ujbp-cc1r-wfe9

vulnerability	VCID-v3h9-1t69-v7a3

vulnerability	VCID-whyk-3ynn-zyf4

vulnerability	VCID-wqm7-2ajr-6ue8

vulnerability	VCID-x5e2-7whc-v3fc

vulnerability	VCID-x94k-nxyd-27gs

vulnerability	VCID-xw8r-fn6y-mbhp

vulnerability	VCID-yc8n-wxb4-1uaz

vulnerability	VCID-yeea-n94x-qqch

vulnerability	VCID-ykxk-6mpc-wkgt

vulnerability	VCID-yur3-am6j-w7ay

vulnerability	VCID-zmr4-652z-r3dm

vulnerability	VCID-zzzs-scbg-bbe9

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.0.0.1

url pkg:pypi/ansible@2.5.11

purl pkg:pypi/ansible@2.5.11

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4yvf-k192-9fca

vulnerability	VCID-682j-e2pu-1uee

vulnerability	VCID-ae1r-yq1g-rkem

vulnerability	VCID-atun-stks-4kcb

vulnerability	VCID-axc3-wcsk-q3eg

vulnerability	VCID-b1pw-nusu-27c4

vulnerability	VCID-b8zs-br97-57av

vulnerability	VCID-c1xg-s3kx-gkft

vulnerability	VCID-d4ka-dk4p-kfhb

vulnerability	VCID-d7ez-s7qb-p3ay

vulnerability	VCID-drt9-vx5r-akgm

vulnerability	VCID-dzdx-wae5-8ydy

vulnerability	VCID-e3z2-ydhb-gqfg

vulnerability	VCID-ezaq-tqd3-4yd1

vulnerability	VCID-fj2p-7wkh-1fhq

vulnerability	VCID-geaa-6dxx-tbcw

vulnerability	VCID-hqar-fca3-cbht

vulnerability	VCID-jnmu-c8dt-5yb6

vulnerability	VCID-js7k-ptm9-2yh1

vulnerability	VCID-kb5h-116p-33b4

vulnerability	VCID-puq1-z5h7-pkdg

vulnerability	VCID-qbdk-hxhg-wbh4

vulnerability	VCID-r6bb-p28b-8fcn

vulnerability	VCID-rdwq-93d6-c7b4

vulnerability	VCID-rg5d-st3d-nbah

vulnerability	VCID-t6db-buke-nfhf

vulnerability	VCID-tdp4-h4ht-pqhs

vulnerability	VCID-ujbp-cc1r-wfe9

vulnerability	VCID-v3h9-1t69-v7a3

vulnerability	VCID-whyk-3ynn-zyf4

vulnerability	VCID-x5e2-7whc-v3fc

vulnerability	VCID-x94k-nxyd-27gs

vulnerability	VCID-xw8r-fn6y-mbhp

vulnerability	VCID-yeea-n94x-qqch

vulnerability	VCID-ykxk-6mpc-wkgt

vulnerability	VCID-yur3-am6j-w7ay

vulnerability	VCID-zzzs-scbg-bbe9

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.5.11

url pkg:pypi/ansible@2.6.7

purl pkg:pypi/ansible@2.6.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4yvf-k192-9fca

vulnerability	VCID-682j-e2pu-1uee

vulnerability	VCID-ae1r-yq1g-rkem

vulnerability	VCID-atun-stks-4kcb

vulnerability	VCID-axc3-wcsk-q3eg

vulnerability	VCID-b1pw-nusu-27c4

vulnerability	VCID-b8zs-br97-57av

vulnerability	VCID-c1xg-s3kx-gkft

vulnerability	VCID-ckt2-us5z-pyef

vulnerability	VCID-d4ka-dk4p-kfhb

vulnerability	VCID-d7ez-s7qb-p3ay

vulnerability	VCID-drt9-vx5r-akgm

vulnerability	VCID-dzdx-wae5-8ydy

vulnerability	VCID-e3z2-ydhb-gqfg

vulnerability	VCID-ezaq-tqd3-4yd1

vulnerability	VCID-fj2p-7wkh-1fhq

vulnerability	VCID-geaa-6dxx-tbcw

vulnerability	VCID-hqar-fca3-cbht

vulnerability	VCID-jnmu-c8dt-5yb6

vulnerability	VCID-js7k-ptm9-2yh1

vulnerability	VCID-kb5h-116p-33b4

vulnerability	VCID-puq1-z5h7-pkdg

vulnerability	VCID-qbdk-hxhg-wbh4

vulnerability	VCID-r6bb-p28b-8fcn

vulnerability	VCID-rdwq-93d6-c7b4

vulnerability	VCID-rg5d-st3d-nbah

vulnerability	VCID-swpr-3qae-d7fe

vulnerability	VCID-t6db-buke-nfhf

vulnerability	VCID-tdp4-h4ht-pqhs

vulnerability	VCID-ujbp-cc1r-wfe9

vulnerability	VCID-v3h9-1t69-v7a3

vulnerability	VCID-whyk-3ynn-zyf4

vulnerability	VCID-x5e2-7whc-v3fc

vulnerability	VCID-x94k-nxyd-27gs

vulnerability	VCID-xw8r-fn6y-mbhp

vulnerability	VCID-yeea-n94x-qqch

vulnerability	VCID-ykxk-6mpc-wkgt

vulnerability	VCID-yur3-am6j-w7ay

vulnerability	VCID-zzzs-scbg-bbe9

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.6.7

url pkg:pypi/ansible@2.7.1

purl pkg:pypi/ansible@2.7.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4yvf-k192-9fca

vulnerability	VCID-682j-e2pu-1uee

vulnerability	VCID-a49n-tvnt-p3df

vulnerability	VCID-ae1r-yq1g-rkem

vulnerability	VCID-atun-stks-4kcb

vulnerability	VCID-axc3-wcsk-q3eg

vulnerability	VCID-b1pw-nusu-27c4

vulnerability	VCID-b8zs-br97-57av

vulnerability	VCID-c1xg-s3kx-gkft

vulnerability	VCID-ckt2-us5z-pyef

vulnerability	VCID-d4ka-dk4p-kfhb

vulnerability	VCID-d7ez-s7qb-p3ay

vulnerability	VCID-dagf-buer-4ffr

vulnerability	VCID-drt9-vx5r-akgm

vulnerability	VCID-dzdx-wae5-8ydy

vulnerability	VCID-e3z2-ydhb-gqfg

vulnerability	VCID-ezaq-tqd3-4yd1

vulnerability	VCID-ezux-6buh-h7h7

vulnerability	VCID-fj2p-7wkh-1fhq

vulnerability	VCID-geaa-6dxx-tbcw

vulnerability	VCID-h1n3-cmte-eugf

vulnerability	VCID-hqar-fca3-cbht

vulnerability	VCID-jnmu-c8dt-5yb6

vulnerability	VCID-js7k-ptm9-2yh1

vulnerability	VCID-kb5h-116p-33b4

vulnerability	VCID-puq1-z5h7-pkdg

vulnerability	VCID-qbdk-hxhg-wbh4

vulnerability	VCID-r6bb-p28b-8fcn

vulnerability	VCID-rdwq-93d6-c7b4

vulnerability	VCID-rg5d-st3d-nbah

vulnerability	VCID-swpr-3qae-d7fe

vulnerability	VCID-t6db-buke-nfhf

vulnerability	VCID-tdp4-h4ht-pqhs

vulnerability	VCID-uhg5-zpzt-e3gz

vulnerability	VCID-ujbp-cc1r-wfe9

vulnerability	VCID-v3h9-1t69-v7a3

vulnerability	VCID-whyk-3ynn-zyf4

vulnerability	VCID-x5e2-7whc-v3fc

vulnerability	VCID-x94k-nxyd-27gs

vulnerability	VCID-xg2f-12w4-yqge

vulnerability	VCID-xw8r-fn6y-mbhp

vulnerability	VCID-yeea-n94x-qqch

vulnerability	VCID-ykxk-6mpc-wkgt

vulnerability	VCID-yur3-am6j-w7ay

vulnerability	VCID-zzzs-scbg-bbe9

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.7.1

aliases CVE-2018-16837, GHSA-hwrm-63v2-42g4, PYSEC-2018-44

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rknj-nkgs-wyg2

url VCID-wqm7-2ajr-6ue8

vulnerability_id VCID-wqm7-2ajr-6ue8

summary In ansible it was found that inventory variables are loaded from current working directory when running ad-hoc command which are under attacker's control, allowing to run arbitrary code as a result.

references

reference_url

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	8.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	8.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	8.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	8.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	8.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	8.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	8.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	8.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10874.json

reference_url

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10874.json

reference_url

https://access.redhat.com/security/cve/CVE-2018-10874

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	8.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/security/cve/CVE-2018-10874

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-10874

reference_id

reference_type

scores

value	0.00047
scoring_system	epss
scoring_elements	0.14546
published_at	2026-04-04T12:55:00Z

value	0.00047
scoring_system	epss
scoring_elements	0.14476
published_at	2026-04-02T12:55:00Z

value	0.00047
scoring_system	epss
scoring_elements	0.14406
published_at	2026-04-01T12:55:00Z

value	0.00047
scoring_system	epss
scoring_elements	0.14312
published_at	2026-04-21T12:55:00Z

value	0.00047
scoring_system	epss
scoring_elements	0.14437
published_at	2026-04-08T12:55:00Z

value	0.00047
scoring_system	epss
scoring_elements	0.14492
published_at	2026-04-09T12:55:00Z

value	0.00047
scoring_system	epss
scoring_elements	0.14441
published_at	2026-04-11T12:55:00Z

value	0.00047
scoring_system	epss
scoring_elements	0.14404
published_at	2026-04-12T12:55:00Z

value	0.00047
scoring_system	epss
scoring_elements	0.14348
published_at	2026-04-13T12:55:00Z

value	0.00047
scoring_system	epss
scoring_elements	0.14239
published_at	2026-04-16T12:55:00Z

value	0.00047
scoring_system	epss
scoring_elements	0.1424
published_at	2026-04-18T12:55:00Z

value	0.00047
scoring_system	epss
scoring_elements	0.14354
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-10874

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=1596528

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	8.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=1596528

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10874

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	8.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10874

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10874
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10874

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	8.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/ansible/ansible/commit/10d6fe6c98cfee9a7be0fea6102ba5dec951aec7

reference_url

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	8.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/ansible/ansible/commit/10d6fe6c98cfee9a7be0fea6102ba5dec951aec7

reference_url

https://github.com/ansible/ansible/commit/1f80949f964a946773f9d3ac1899535bd2cc2b8e

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	8.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/ansible/ansible/commit/1f80949f964a946773f9d3ac1899535bd2cc2b8e

reference_url

https://github.com/ansible/ansible/commit/44874addc7ea136f83c67d5869047ece02645fdb

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	8.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/ansible/ansible/commit/44874addc7ea136f83c67d5869047ece02645fdb

reference_url

https://github.com/ansible/ansible/pull/42067

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	8.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/ansible/ansible/pull/42067

reference_url

https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2018-81.yaml

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	8.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2018-81.yaml

reference_url

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	8.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20201130165946/http://www.securitytracker.com/id/1041396

reference_url	https://usn.ubuntu.com/4072-1/
reference_id
reference_type
scores
url	https://usn.ubuntu.com/4072-1/

reference_url

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	8.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20201130165946/http://www.securitytracker.com/id/1041396

reference_url	http://www.securitytracker.com/id/1041396
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1041396

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_engine:2.0:::::::*
reference_id	cpe:2.3:a:redhat:ansible_engine:2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_engine:2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_engine:2.4:::::::*
reference_id	cpe:2.3:a:redhat:ansible_engine:2.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_engine:2.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_engine:2.5:::::::*
reference_id	cpe:2.3:a:redhat:ansible_engine:2.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_engine:2.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_engine:2.6:::::::*
reference_id	cpe:2.3:a:redhat:ansible_engine:2.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_engine:2.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:10:::::::*
reference_id	cpe:2.3:a:redhat:openstack:10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:12:::::::*
reference_id	cpe:2.3:a:redhat:openstack:12:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:12:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:13:::::::*
reference_id	cpe:2.3:a:redhat:openstack:13:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:13:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:virtualization:4.0:::::::*
reference_id	cpe:2.3:a:redhat:virtualization:4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:virtualization:4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:virtualization_host:4.0:::::::*
reference_id	cpe:2.3:a:redhat:virtualization_host:4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:virtualization_host:4.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-10874

reference_id

CVE-2018-10874

reference_type

scores

value	4.6
scoring_system	cvssv2
scoring_elements	AV:L/AC:L/Au:N/C:P/I:P/A:P

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	8.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2018-10874

reference_url

https://github.com/advisories/GHSA-3xvg-x47j-x75w

reference_id

GHSA-3xvg-x47j-x75w

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-3xvg-x47j-x75w

fixed_packages

url pkg:pypi/ansible@2.0.0.1

purl pkg:pypi/ansible@2.0.0.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4yvf-k192-9fca

vulnerability	VCID-682j-e2pu-1uee

vulnerability	VCID-ae1r-yq1g-rkem

vulnerability	VCID-atun-stks-4kcb

vulnerability	VCID-axc3-wcsk-q3eg

vulnerability	VCID-b8zs-br97-57av

vulnerability	VCID-c1xg-s3kx-gkft

vulnerability	VCID-d4ka-dk4p-kfhb

vulnerability	VCID-d7ez-s7qb-p3ay

vulnerability	VCID-drt9-vx5r-akgm

vulnerability	VCID-e3z2-ydhb-gqfg

vulnerability	VCID-ezaq-tqd3-4yd1

vulnerability	VCID-fetz-42jf-nqe8

vulnerability	VCID-fj2p-7wkh-1fhq

vulnerability	VCID-geaa-6dxx-tbcw

vulnerability	VCID-hfxe-jjf5-nqd1

vulnerability	VCID-hqar-fca3-cbht

vulnerability	VCID-jhxm-379u-subt

vulnerability	VCID-jnmu-c8dt-5yb6

vulnerability	VCID-js7k-ptm9-2yh1

vulnerability	VCID-kb5h-116p-33b4

vulnerability	VCID-puq1-z5h7-pkdg

vulnerability	VCID-q4q1-aueh-sub2

vulnerability	VCID-qbdk-hxhg-wbh4

vulnerability	VCID-r6bb-p28b-8fcn

vulnerability	VCID-rdwq-93d6-c7b4

vulnerability	VCID-rg5d-st3d-nbah

vulnerability	VCID-rknj-nkgs-wyg2

vulnerability	VCID-s1r4-29kw-5kbg

vulnerability	VCID-t6db-buke-nfhf

vulnerability	VCID-tdp4-h4ht-pqhs

vulnerability	VCID-ujbp-cc1r-wfe9

vulnerability	VCID-v3h9-1t69-v7a3

vulnerability	VCID-whyk-3ynn-zyf4

vulnerability	VCID-wqm7-2ajr-6ue8

vulnerability	VCID-x5e2-7whc-v3fc

vulnerability	VCID-x94k-nxyd-27gs

vulnerability	VCID-xw8r-fn6y-mbhp

vulnerability	VCID-yc8n-wxb4-1uaz

vulnerability	VCID-yeea-n94x-qqch

vulnerability	VCID-ykxk-6mpc-wkgt

vulnerability	VCID-yur3-am6j-w7ay

vulnerability	VCID-zmr4-652z-r3dm

vulnerability	VCID-zzzs-scbg-bbe9

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.0.0.1

url pkg:pypi/ansible@2.4.6.0

purl pkg:pypi/ansible@2.4.6.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4yvf-k192-9fca

vulnerability	VCID-682j-e2pu-1uee

vulnerability	VCID-ae1r-yq1g-rkem

vulnerability	VCID-atun-stks-4kcb

vulnerability	VCID-axc3-wcsk-q3eg

vulnerability	VCID-b8zs-br97-57av

vulnerability	VCID-c1xg-s3kx-gkft

vulnerability	VCID-d4ka-dk4p-kfhb

vulnerability	VCID-d7ez-s7qb-p3ay

vulnerability	VCID-drt9-vx5r-akgm

vulnerability	VCID-e3z2-ydhb-gqfg

vulnerability	VCID-ezaq-tqd3-4yd1

vulnerability	VCID-fj2p-7wkh-1fhq

vulnerability	VCID-geaa-6dxx-tbcw

vulnerability	VCID-hqar-fca3-cbht

vulnerability	VCID-jnmu-c8dt-5yb6

vulnerability	VCID-js7k-ptm9-2yh1

vulnerability	VCID-kb5h-116p-33b4

vulnerability	VCID-puq1-z5h7-pkdg

vulnerability	VCID-qbdk-hxhg-wbh4

vulnerability	VCID-r6bb-p28b-8fcn

vulnerability	VCID-rdwq-93d6-c7b4

vulnerability	VCID-rg5d-st3d-nbah

vulnerability	VCID-rknj-nkgs-wyg2

vulnerability	VCID-t6db-buke-nfhf

vulnerability	VCID-tdp4-h4ht-pqhs

vulnerability	VCID-ujbp-cc1r-wfe9

vulnerability	VCID-v3h9-1t69-v7a3

vulnerability	VCID-whyk-3ynn-zyf4

vulnerability	VCID-x5e2-7whc-v3fc

vulnerability	VCID-x94k-nxyd-27gs

vulnerability	VCID-xw8r-fn6y-mbhp

vulnerability	VCID-y91x-2rch-pkar

vulnerability	VCID-yeea-n94x-qqch

vulnerability	VCID-ykxk-6mpc-wkgt

vulnerability	VCID-yur3-am6j-w7ay

vulnerability	VCID-zzzs-scbg-bbe9

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.4.6.0

url pkg:pypi/ansible@2.5.6

purl pkg:pypi/ansible@2.5.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4yvf-k192-9fca

vulnerability	VCID-682j-e2pu-1uee

vulnerability	VCID-ae1r-yq1g-rkem

vulnerability	VCID-atun-stks-4kcb

vulnerability	VCID-axc3-wcsk-q3eg

vulnerability	VCID-b1pw-nusu-27c4

vulnerability	VCID-b8zs-br97-57av

vulnerability	VCID-c1xg-s3kx-gkft

vulnerability	VCID-d4ka-dk4p-kfhb

vulnerability	VCID-d7ez-s7qb-p3ay

vulnerability	VCID-drt9-vx5r-akgm

vulnerability	VCID-dzdx-wae5-8ydy

vulnerability	VCID-e3z2-ydhb-gqfg

vulnerability	VCID-ezaq-tqd3-4yd1

vulnerability	VCID-fj2p-7wkh-1fhq

vulnerability	VCID-geaa-6dxx-tbcw

vulnerability	VCID-hqar-fca3-cbht

vulnerability	VCID-jnmu-c8dt-5yb6

vulnerability	VCID-js7k-ptm9-2yh1

vulnerability	VCID-kb5h-116p-33b4

vulnerability	VCID-puq1-z5h7-pkdg

vulnerability	VCID-qbdk-hxhg-wbh4

vulnerability	VCID-r6bb-p28b-8fcn

vulnerability	VCID-rdwq-93d6-c7b4

vulnerability	VCID-rg5d-st3d-nbah

vulnerability	VCID-rknj-nkgs-wyg2

vulnerability	VCID-t6db-buke-nfhf

vulnerability	VCID-tdp4-h4ht-pqhs

vulnerability	VCID-ujbp-cc1r-wfe9

vulnerability	VCID-v3h9-1t69-v7a3

vulnerability	VCID-whyk-3ynn-zyf4

vulnerability	VCID-x5e2-7whc-v3fc

vulnerability	VCID-x94k-nxyd-27gs

vulnerability	VCID-xw8r-fn6y-mbhp

vulnerability	VCID-y91x-2rch-pkar

vulnerability	VCID-yeea-n94x-qqch

vulnerability	VCID-ykxk-6mpc-wkgt

vulnerability	VCID-yur3-am6j-w7ay

vulnerability	VCID-zzzs-scbg-bbe9

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.5.6

url pkg:pypi/ansible@2.6.1

purl pkg:pypi/ansible@2.6.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4yvf-k192-9fca

vulnerability	VCID-682j-e2pu-1uee

vulnerability	VCID-ae1r-yq1g-rkem

vulnerability	VCID-atun-stks-4kcb

vulnerability	VCID-axc3-wcsk-q3eg

vulnerability	VCID-b1pw-nusu-27c4

vulnerability	VCID-b8zs-br97-57av

vulnerability	VCID-c1xg-s3kx-gkft

vulnerability	VCID-ckt2-us5z-pyef

vulnerability	VCID-d4ka-dk4p-kfhb

vulnerability	VCID-d7ez-s7qb-p3ay

vulnerability	VCID-drt9-vx5r-akgm

vulnerability	VCID-dzdx-wae5-8ydy

vulnerability	VCID-e3z2-ydhb-gqfg

vulnerability	VCID-ezaq-tqd3-4yd1

vulnerability	VCID-fj2p-7wkh-1fhq

vulnerability	VCID-geaa-6dxx-tbcw

vulnerability	VCID-hqar-fca3-cbht

vulnerability	VCID-jnmu-c8dt-5yb6

vulnerability	VCID-js7k-ptm9-2yh1

vulnerability	VCID-kb5h-116p-33b4

vulnerability	VCID-puq1-z5h7-pkdg

vulnerability	VCID-qbdk-hxhg-wbh4

vulnerability	VCID-r6bb-p28b-8fcn

vulnerability	VCID-rdwq-93d6-c7b4

vulnerability	VCID-rg5d-st3d-nbah

vulnerability	VCID-rknj-nkgs-wyg2

vulnerability	VCID-swpr-3qae-d7fe

vulnerability	VCID-t6db-buke-nfhf

vulnerability	VCID-tdp4-h4ht-pqhs

vulnerability	VCID-ujbp-cc1r-wfe9

vulnerability	VCID-v3h9-1t69-v7a3

vulnerability	VCID-whyk-3ynn-zyf4

vulnerability	VCID-x5e2-7whc-v3fc

vulnerability	VCID-x94k-nxyd-27gs

vulnerability	VCID-xw8r-fn6y-mbhp

vulnerability	VCID-yeea-n94x-qqch

vulnerability	VCID-ykxk-6mpc-wkgt

vulnerability	VCID-yur3-am6j-w7ay

vulnerability	VCID-zzzs-scbg-bbe9

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.6.1

aliases CVE-2018-10874, GHSA-3xvg-x47j-x75w, PYSEC-2018-81

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wqm7-2ajr-6ue8

url VCID-y91x-2rch-pkar

vulnerability_id VCID-y91x-2rch-pkar

summary A flaw was found in ansible. ansible.cfg is read from the current working directory which can be altered to make it point to a plugin or a module path under the control of an attacker, thus allowing the attacker to execute arbitrary code.

references

reference_url

http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00021.html

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	8.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00021.html

reference_url

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	8.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	8.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	8.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	8.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	8.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	8.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	8.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	8.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10875.json

reference_url

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10875.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-10875

reference_id

reference_type

scores

value	0.00043
scoring_system	epss
scoring_elements	0.13233
published_at	2026-04-01T12:55:00Z

value	0.00043
scoring_system	epss
scoring_elements	0.13194
published_at	2026-04-07T12:55:00Z

value	0.00043
scoring_system	epss
scoring_elements	0.13274
published_at	2026-04-08T12:55:00Z

value	0.00043
scoring_system	epss
scoring_elements	0.13325
published_at	2026-04-09T12:55:00Z

value	0.00043
scoring_system	epss
scoring_elements	0.13293
published_at	2026-04-11T12:55:00Z

value	0.00043
scoring_system	epss
scoring_elements	0.13255
published_at	2026-04-12T12:55:00Z

value	0.00043
scoring_system	epss
scoring_elements	0.13206
published_at	2026-04-13T12:55:00Z

value	0.00043
scoring_system	epss
scoring_elements	0.13112
published_at	2026-04-18T12:55:00Z

value	0.00043
scoring_system	epss
scoring_elements	0.13334
published_at	2026-04-02T12:55:00Z

value	0.00043
scoring_system	epss
scoring_elements	0.13397
published_at	2026-04-04T12:55:00Z

value	0.00056
scoring_system	epss
scoring_elements	0.1766
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-10875

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10875

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	8.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10875

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10855
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10855

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10875
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10875

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16837
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16837

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16876
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16876

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3828
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3828

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	8.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/ansible/ansible/commit/4cecbe81adbc655d7ab734165d3ac539f8ba5981

reference_url

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	8.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/ansible/ansible/commit/4cecbe81adbc655d7ab734165d3ac539f8ba5981

reference_url

https://github.com/ansible/ansible/commit/f32c42c37aaf7b9db93ea3151b2f42a0c4bd8172

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	8.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/ansible/ansible/commit/f32c42c37aaf7b9db93ea3151b2f42a0c4bd8172

reference_url

https://github.com/ansible/ansible/commit/ff980afefdbe4ceb828bdb1bb2eef03cf616bf63

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	8.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/ansible/ansible/commit/ff980afefdbe4ceb828bdb1bb2eef03cf616bf63

reference_url

https://github.com/ansible/ansible/issues/42388

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	8.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/ansible/ansible/issues/42388

reference_url

https://github.com/ansible/ansible/pull/42070

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	8.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/ansible/ansible/pull/42070

reference_url

https://github.com/ansible/ansible/pull/43583

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	8.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/ansible/ansible/pull/43583

reference_url

https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2018-43.yaml

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	8.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2018-43.yaml

reference_url

https://lists.debian.org/debian-lts-announce/2019/09/msg00016.html

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	8.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2019/09/msg00016.html

reference_url

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	8.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20201130165946/http://www.securitytracker.com/id/1041396

reference_url	https://usn.ubuntu.com/4072-1/
reference_id
reference_type
scores
url	https://usn.ubuntu.com/4072-1/

reference_url

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	8.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20201130165946/http://www.securitytracker.com/id/1041396

reference_url

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	8.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url