Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/ansible@5.4.0-1?distro=trixie
Typedeb
Namespacedebian
Nameansible
Version5.4.0-1
Qualifiers
distro trixie
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version7.0.0+dfsg-1
Latest_non_vulnerable_version13.4.0+dfsg-1
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-1wv8-rvwu-nye3
vulnerability_id VCID-1wv8-rvwu-nye3
summary 
ansible-core Incorrect Authorization vulnerability
A flaw was found in Ansible. The ansible-core `user` module can allow an unprivileged user to silently create or replace the contents of any file on any system path and take ownership of it when a privileged user executes the `user` module against the unprivileged user's home directory. If the unprivileged user has traversal permissions on the directory containing the exploited target file, they retain full control over the contents of the file as its owner.
references
0
reference_url https://access.redhat.com/errata/RHSA-2024:10762
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-06T14:20:56Z/
url https://access.redhat.com/errata/RHSA-2024:10762
1
reference_url https://access.redhat.com/errata/RHSA-2024:8969
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-06T14:20:56Z/
url https://access.redhat.com/errata/RHSA-2024:8969
2
reference_url https://access.redhat.com/errata/RHSA-2024:9894
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-06T14:20:56Z/
url https://access.redhat.com/errata/RHSA-2024:9894
3
reference_url https://access.redhat.com/errata/RHSA-2025:1861
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-06T14:20:56Z/
url https://access.redhat.com/errata/RHSA-2025:1861
4
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9902.json
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9902.json
5
reference_url https://access.redhat.com/security/cve/CVE-2024-9902
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-06T14:20:56Z/
url https://access.redhat.com/security/cve/CVE-2024-9902
6
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-9902
reference_id
reference_type
scores
0
value 0.00031
scoring_system epss
scoring_elements 0.08887
published_at 2026-04-13T12:55:00Z
1
value 0.00031
scoring_system epss
scoring_elements 0.08851
published_at 2026-04-02T12:55:00Z
2
value 0.00031
scoring_system epss
scoring_elements 0.089
published_at 2026-04-12T12:55:00Z
3
value 0.00031
scoring_system epss
scoring_elements 0.08831
published_at 2026-04-07T12:55:00Z
4
value 0.00031
scoring_system epss
scoring_elements 0.08909
published_at 2026-04-08T12:55:00Z
5
value 0.00031
scoring_system epss
scoring_elements 0.08936
published_at 2026-04-09T12:55:00Z
6
value 0.00031
scoring_system epss
scoring_elements 0.08935
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-9902
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2318271
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-06T14:20:56Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2318271
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9902
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9902
9
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
10
reference_url https://github.com/ansible/ansible
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible
11
reference_url https://github.com/ansible/ansible/commit/03794735d370db98a5ec2ad514fab2b0dd22d6be
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/03794735d370db98a5ec2ad514fab2b0dd22d6be
12
reference_url https://github.com/ansible/ansible/commit/03daf774d0d80fb7235910ed1c2b4fbcaebdfe65
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/03daf774d0d80fb7235910ed1c2b4fbcaebdfe65
13
reference_url https://github.com/ansible/ansible/commit/3b6de811abea0a811e03e3029222a7e459922892
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/3b6de811abea0a811e03e3029222a7e459922892
14
reference_url https://github.com/ansible/ansible/commit/9d7312f695639e804d2caeb1d0f51c716a9ac7dd
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/9d7312f695639e804d2caeb1d0f51c716a9ac7dd
15
reference_url https://github.com/ansible/ansible/commit/f7be90626da3035c697623dcf9c90b7a0bc91c92
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/f7be90626da3035c697623dcf9c90b7a0bc91c92
16
reference_url https://lists.debian.org/debian-lts-announce/2024/11/msg00021.html
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2024/11/msg00021.html
17
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-9902
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-9902
18
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1086883
reference_id 1086883
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1086883
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform:2.4::el8
reference_id cpe:/a:redhat:ansible_automation_platform:2.4::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform:2.4::el8
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform:2.4::el9
reference_id cpe:/a:redhat:ansible_automation_platform:2.4::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform:2.4::el9
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform:2.5::el8
reference_id cpe:/a:redhat:ansible_automation_platform:2.5::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform:2.5::el8
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform:2.5::el9
reference_id cpe:/a:redhat:ansible_automation_platform:2.5::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform:2.5::el9
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8
reference_id cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9
reference_id cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_developer:2.5::el8
reference_id cpe:/a:redhat:ansible_automation_platform_developer:2.5::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_developer:2.5::el8
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_developer:2.5::el9
reference_id cpe:/a:redhat:ansible_automation_platform_developer:2.5::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_developer:2.5::el9
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8
reference_id cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9
reference_id cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_inside:2.5::el8
reference_id cpe:/a:redhat:ansible_automation_platform_inside:2.5::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_inside:2.5::el8
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_inside:2.5::el9
reference_id cpe:/a:redhat:ansible_automation_platform_inside:2.5::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_inside:2.5::el9
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_core:2::el8
reference_id cpe:/a:redhat:ansible_core:2::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_core:2::el8
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_core:2::el9
reference_id cpe:/a:redhat:ansible_core:2::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_core:2::el9
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openstack:17.1::el9
reference_id cpe:/a:redhat:openstack:17.1::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openstack:17.1::el9
34
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10
reference_id cpe:/o:redhat:enterprise_linux:10
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10
35
reference_url https://github.com/advisories/GHSA-32p4-gm2c-wmch
reference_id GHSA-32p4-gm2c-wmch
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-32p4-gm2c-wmch
fixed_packages
0
url pkg:deb/debian/ansible@2.10.7%2Bmerged%2Bbase%2B2.10.17%2Bdfsg-0%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/ansible@2.10.7%2Bmerged%2Bbase%2B2.10.17%2Bdfsg-0%2Bdeb11u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible@2.10.7%252Bmerged%252Bbase%252B2.10.17%252Bdfsg-0%252Bdeb11u1%3Fdistro=trixie
1
url pkg:deb/debian/ansible@2.10.7%2Bmerged%2Bbase%2B2.10.17%2Bdfsg-0%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/ansible@2.10.7%2Bmerged%2Bbase%2B2.10.17%2Bdfsg-0%2Bdeb11u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible@2.10.7%252Bmerged%252Bbase%252B2.10.17%252Bdfsg-0%252Bdeb11u2%3Fdistro=trixie
2
url pkg:deb/debian/ansible@5.4.0-1?distro=trixie
purl pkg:deb/debian/ansible@5.4.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible@5.4.0-1%3Fdistro=trixie
3
url pkg:deb/debian/ansible@7.7.0%2Bdfsg-3%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/ansible@7.7.0%2Bdfsg-3%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible@7.7.0%252Bdfsg-3%252Bdeb12u1%3Fdistro=trixie
4
url pkg:deb/debian/ansible@12.0.0%2Bdfsg-0%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/ansible@12.0.0%2Bdfsg-0%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible@12.0.0%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie
5
url pkg:deb/debian/ansible@13.4.0%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/ansible@13.4.0%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible@13.4.0%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2024-9902, GHSA-32p4-gm2c-wmch
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1wv8-rvwu-nye3
1
url VCID-4pht-n5pc-f3gw
vulnerability_id VCID-4pht-n5pc-f3gw
summary 
Ansible vulnerable to Insertion of Sensitive Information into Log File
A flaw was found in Ansible, where sensitive information stored in Ansible Vault files can be exposed in plaintext during the execution of a playbook. This occurs when using tasks such as include_vars to load vaulted variables without setting the no_log: true parameter, resulting in sensitive data being printed in the playbook output or logs. This can lead to the unintentional disclosure of secrets like passwords or API keys, compromising security and potentially allowing unauthorized access or actions.
references
0
reference_url https://access.redhat.com/errata/RHSA-2024:10762
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T14:21:23Z/
url https://access.redhat.com/errata/RHSA-2024:10762
1
reference_url https://access.redhat.com/errata/RHSA-2024:8969
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T14:21:23Z/
url https://access.redhat.com/errata/RHSA-2024:8969
2
reference_url https://access.redhat.com/errata/RHSA-2024:9894
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T14:21:23Z/
url https://access.redhat.com/errata/RHSA-2024:9894
3
reference_url https://access.redhat.com/errata/RHSA-2025:1249
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T14:21:23Z/
url https://access.redhat.com/errata/RHSA-2025:1249
4
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8775.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8775.json
5
reference_url https://access.redhat.com/security/cve/CVE-2024-8775
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T14:21:23Z/
url https://access.redhat.com/security/cve/CVE-2024-8775
6
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-8775
reference_id
reference_type
scores
0
value 0.00039
scoring_system epss
scoring_elements 0.11844
published_at 2026-04-13T12:55:00Z
1
value 0.00039
scoring_system epss
scoring_elements 0.11929
published_at 2026-04-02T12:55:00Z
2
value 0.00039
scoring_system epss
scoring_elements 0.11976
published_at 2026-04-04T12:55:00Z
3
value 0.00039
scoring_system epss
scoring_elements 0.11766
published_at 2026-04-07T12:55:00Z
4
value 0.00039
scoring_system epss
scoring_elements 0.11849
published_at 2026-04-08T12:55:00Z
5
value 0.00039
scoring_system epss
scoring_elements 0.11902
published_at 2026-04-09T12:55:00Z
6
value 0.00039
scoring_system epss
scoring_elements 0.11911
published_at 2026-04-11T12:55:00Z
7
value 0.00039
scoring_system epss
scoring_elements 0.11872
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-8775
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2312119
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T14:21:23Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2312119
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8775
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8775
9
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
10
reference_url https://github.com/advisories/GHSA-jpxc-vmjf-9fcj
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T14:21:23Z/
url https://github.com/advisories/GHSA-jpxc-vmjf-9fcj
11
reference_url https://github.com/ansible/ansible
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible
12
reference_url https://github.com/ansible/ansible/blob/v2.16.13/changelogs/CHANGELOG-v2.16.rst#security-fixes
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/blob/v2.16.13/changelogs/CHANGELOG-v2.16.rst#security-fixes
13
reference_url https://github.com/ansible/ansible/blob/v2.17.6/changelogs/CHANGELOG-v2.17.rst#security-fixes
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/blob/v2.17.6/changelogs/CHANGELOG-v2.17.rst#security-fixes
14
reference_url https://github.com/ansible/ansible/commit/8a87e1c5d37422bc99d27ad4237d185cc233e035
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/8a87e1c5d37422bc99d27ad4237d185cc233e035
15
reference_url https://lists.debian.org/debian-lts-announce/2024/11/msg00021.html
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2024/11/msg00021.html
16
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-8775
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-8775
17
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1082851
reference_id 1082851
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1082851
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform:2.4::el8
reference_id cpe:/a:redhat:ansible_automation_platform:2.4::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform:2.4::el8
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform:2.4::el9
reference_id cpe:/a:redhat:ansible_automation_platform:2.4::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform:2.4::el9
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform:2.5::el8
reference_id cpe:/a:redhat:ansible_automation_platform:2.5::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform:2.5::el8
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform:2.5::el9
reference_id cpe:/a:redhat:ansible_automation_platform:2.5::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform:2.5::el9
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8
reference_id cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9
reference_id cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_developer:2.5::el8
reference_id cpe:/a:redhat:ansible_automation_platform_developer:2.5::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_developer:2.5::el8
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_developer:2.5::el9
reference_id cpe:/a:redhat:ansible_automation_platform_developer:2.5::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_developer:2.5::el9
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8
reference_id cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9
reference_id cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_inside:2.5::el8
reference_id cpe:/a:redhat:ansible_automation_platform_inside:2.5::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_inside:2.5::el8
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_inside:2.5::el9
reference_id cpe:/a:redhat:ansible_automation_platform_inside:2.5::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_inside:2.5::el9
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_core:2::el8
reference_id cpe:/a:redhat:ansible_core:2::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_core:2::el8
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_core:2::el9
reference_id cpe:/a:redhat:ansible_core:2::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_core:2::el9
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux_ai:1
reference_id cpe:/a:redhat:enterprise_linux_ai:1
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux_ai:1
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:discovery:1.0::el9
reference_id cpe:/o:redhat:discovery:1.0::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:discovery:1.0::el9
34
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10
reference_id cpe:/o:redhat:enterprise_linux:10
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10
fixed_packages
0
url pkg:deb/debian/ansible@2.10.7%2Bmerged%2Bbase%2B2.10.17%2Bdfsg-0%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/ansible@2.10.7%2Bmerged%2Bbase%2B2.10.17%2Bdfsg-0%2Bdeb11u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible@2.10.7%252Bmerged%252Bbase%252B2.10.17%252Bdfsg-0%252Bdeb11u1%3Fdistro=trixie
1
url pkg:deb/debian/ansible@2.10.7%2Bmerged%2Bbase%2B2.10.17%2Bdfsg-0%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/ansible@2.10.7%2Bmerged%2Bbase%2B2.10.17%2Bdfsg-0%2Bdeb11u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible@2.10.7%252Bmerged%252Bbase%252B2.10.17%252Bdfsg-0%252Bdeb11u2%3Fdistro=trixie
2
url pkg:deb/debian/ansible@5.4.0-1?distro=trixie
purl pkg:deb/debian/ansible@5.4.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible@5.4.0-1%3Fdistro=trixie
3
url pkg:deb/debian/ansible@7.7.0%2Bdfsg-3%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/ansible@7.7.0%2Bdfsg-3%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible@7.7.0%252Bdfsg-3%252Bdeb12u1%3Fdistro=trixie
4
url pkg:deb/debian/ansible@12.0.0%2Bdfsg-0%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/ansible@12.0.0%2Bdfsg-0%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible@12.0.0%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie
5
url pkg:deb/debian/ansible@13.4.0%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/ansible@13.4.0%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible@13.4.0%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2024-8775, GHSA-jpxc-vmjf-9fcj
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4pht-n5pc-f3gw
2
url VCID-682j-e2pu-1uee
vulnerability_id VCID-682j-e2pu-1uee
summary 
Improper Neutralization of Special Elements Used in a Template Engine
A template injection flaw was found in Ansible where a user's controller internal templating operations may remove the unsafe designation from template data. This issue could allow an attacker to use a specially crafted file to introduce code injection when supplying templating data.
references
0
reference_url https://access.redhat.com/errata/RHSA-2023:7773
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
1
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T03:55:28Z/
url https://access.redhat.com/errata/RHSA-2023:7773
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5764.json
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5764.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-5764
reference_id
reference_type
scores
0
value 0.00071
scoring_system epss
scoring_elements 0.2163
published_at 2026-04-08T12:55:00Z
1
value 0.00071
scoring_system epss
scoring_elements 0.21687
published_at 2026-04-09T12:55:00Z
2
value 0.00071
scoring_system epss
scoring_elements 0.21801
published_at 2026-04-04T12:55:00Z
3
value 0.00071
scoring_system epss
scoring_elements 0.21552
published_at 2026-04-07T12:55:00Z
4
value 0.00071
scoring_system epss
scoring_elements 0.21699
published_at 2026-04-11T12:55:00Z
5
value 0.00071
scoring_system epss
scoring_elements 0.21746
published_at 2026-04-02T12:55:00Z
6
value 0.00071
scoring_system epss
scoring_elements 0.2166
published_at 2026-04-12T12:55:00Z
7
value 0.00071
scoring_system epss
scoring_elements 0.21603
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-5764
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2247629
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
1
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T03:55:28Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2247629
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5764
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5764
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://github.com/ansible/ansible
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible
7
reference_url https://github.com/ansible/ansible/commit/270b39f6ff02511a2199505161218cbd1a5ae34f
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/270b39f6ff02511a2199505161218cbd1a5ae34f
8
reference_url https://github.com/ansible/ansible/commit/7239d2d371bc6e274cbb7314e01431adce6ae25a
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/7239d2d371bc6e274cbb7314e01431adce6ae25a
9
reference_url https://github.com/ansible/ansible/commit/fea130480d261ea5bf6fcd5cf19a348f1686ceb1
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/fea130480d261ea5bf6fcd5cf19a348f1686ceb1
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X7Q6CHPVCHMZS5M7V22GOKFSXZAQ24EU
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X7Q6CHPVCHMZS5M7V22GOKFSXZAQ24EU
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X7Q6CHPVCHMZS5M7V22GOKFSXZAQ24EU/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X7Q6CHPVCHMZS5M7V22GOKFSXZAQ24EU/
12
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1057427
reference_id 1057427
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1057427
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform:2.4::el8
reference_id cpe:/a:redhat:ansible_automation_platform:2.4::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform:2.4::el8
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform:2.4::el9
reference_id cpe:/a:redhat:ansible_automation_platform:2.4::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform:2.4::el9
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8
reference_id cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9
reference_id cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8
reference_id cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9
reference_id cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9
19
reference_url https://access.redhat.com/security/cve/CVE-2023-5764
reference_id CVE-2023-5764
reference_type
scores
0
value 6.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
1
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T03:55:28Z/
url https://access.redhat.com/security/cve/CVE-2023-5764
20
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-5764
reference_id CVE-2023-5764
reference_type
scores
0
value 6.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-5764
21
reference_url https://github.com/advisories/GHSA-7j69-qfc3-2fq9
reference_id GHSA-7j69-qfc3-2fq9
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-7j69-qfc3-2fq9
22
reference_url https://usn.ubuntu.com/6846-1/
reference_id USN-6846-1
reference_type
scores
url https://usn.ubuntu.com/6846-1/
fixed_packages
0
url pkg:deb/debian/ansible@2.10.7%2Bmerged%2Bbase%2B2.10.17%2Bdfsg-0%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/ansible@2.10.7%2Bmerged%2Bbase%2B2.10.17%2Bdfsg-0%2Bdeb11u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible@2.10.7%252Bmerged%252Bbase%252B2.10.17%252Bdfsg-0%252Bdeb11u1%3Fdistro=trixie
1
url pkg:deb/debian/ansible@5.4.0-1?distro=trixie
purl pkg:deb/debian/ansible@5.4.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible@5.4.0-1%3Fdistro=trixie
2
url pkg:deb/debian/ansible@7.7.0%2Bdfsg-3%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/ansible@7.7.0%2Bdfsg-3%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible@7.7.0%252Bdfsg-3%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/ansible@12.0.0%2Bdfsg-0%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/ansible@12.0.0%2Bdfsg-0%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible@12.0.0%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/ansible@13.4.0%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/ansible@13.4.0%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible@13.4.0%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2023-5764, GHSA-7j69-qfc3-2fq9
risk_score 3.2
exploitability 0.5
weighted_severity 6.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-682j-e2pu-1uee
3
url VCID-axc3-wcsk-q3eg
vulnerability_id VCID-axc3-wcsk-q3eg
summary A flaw was found in Ansible, where a user's controller is vulnerable to template injection. This issue can occur through facts used in the template if the user is trying to put templates in multi-line YAML strings and the facts being handled do not routinely include special template characters. This flaw allows attackers to perform command injection, which discloses sensitive information. The highest threat from this vulnerability is to confidentiality and integrity.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3583.json
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3583.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-3583
reference_id
reference_type
scores
0
value 0.00319
scoring_system epss
scoring_elements 0.5489
published_at 2026-04-13T12:55:00Z
1
value 0.00319
scoring_system epss
scoring_elements 0.54913
published_at 2026-04-12T12:55:00Z
2
value 0.00319
scoring_system epss
scoring_elements 0.54931
published_at 2026-04-11T12:55:00Z
3
value 0.00319
scoring_system epss
scoring_elements 0.54919
published_at 2026-04-09T12:55:00Z
4
value 0.00319
scoring_system epss
scoring_elements 0.54804
published_at 2026-04-01T12:55:00Z
5
value 0.00319
scoring_system epss
scoring_elements 0.5487
published_at 2026-04-07T12:55:00Z
6
value 0.00319
scoring_system epss
scoring_elements 0.54901
published_at 2026-04-04T12:55:00Z
7
value 0.00319
scoring_system epss
scoring_elements 0.54875
published_at 2026-04-02T12:55:00Z
8
value 0.00319
scoring_system epss
scoring_elements 0.5492
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-3583
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1968412
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value 8.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1968412
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3583
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3583
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://github.com/advisories/GHSA-2pfh-q76x-gwvm
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 8.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-2pfh-q76x-gwvm
6
reference_url https://github.com/ansible/ansible
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value 8.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible
7
reference_url https://github.com/ansible/ansible/commit/03aff644cc1c00e1f7551195c68fbd0d13a39e6e
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value 8.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/03aff644cc1c00e1f7551195c68fbd0d13a39e6e
8
reference_url https://github.com/ansible/ansible/commit/8aa850e3573e48c9a2f12aef84e8a3a6f5ba4847
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value 8.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/8aa850e3573e48c9a2f12aef84e8a3a6f5ba4847
9
reference_url https://github.com/ansible/ansible/commit/8b17e5b9229ffaecfe10a4881bc3f87dd2c184e1
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value 8.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/8b17e5b9229ffaecfe10a4881bc3f87dd2c184e1
10
reference_url https://github.com/ansible/ansible/pull/74960
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value 8.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/pull/74960
11
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2021-358.yaml
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value 8.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2021-358.yaml
12
reference_url https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value 8.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html
13
reference_url https://security.archlinux.org/AVG-2260
reference_id AVG-2260
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2260
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-3583
reference_id CVE-2021-3583
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value 8.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-3583
15
reference_url https://access.redhat.com/errata/RHSA-2021:2663
reference_id RHSA-2021:2663
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2663
16
reference_url https://access.redhat.com/errata/RHSA-2021:2664
reference_id RHSA-2021:2664
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2664
17
reference_url https://usn.ubuntu.com/USN-5315-1/
reference_id USN-USN-5315-1
reference_type
scores
url https://usn.ubuntu.com/USN-5315-1/
fixed_packages
0
url pkg:deb/debian/ansible@2.10.7%2Bmerged%2Bbase%2B2.10.17%2Bdfsg-0%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/ansible@2.10.7%2Bmerged%2Bbase%2B2.10.17%2Bdfsg-0%2Bdeb11u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible@2.10.7%252Bmerged%252Bbase%252B2.10.17%252Bdfsg-0%252Bdeb11u1%3Fdistro=trixie
1
url pkg:deb/debian/ansible@5.4.0-1?distro=trixie
purl pkg:deb/debian/ansible@5.4.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible@5.4.0-1%3Fdistro=trixie
2
url pkg:deb/debian/ansible@7.7.0%2Bdfsg-3%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/ansible@7.7.0%2Bdfsg-3%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible@7.7.0%252Bdfsg-3%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/ansible@12.0.0%2Bdfsg-0%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/ansible@12.0.0%2Bdfsg-0%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible@12.0.0%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/ansible@13.4.0%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/ansible@13.4.0%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible@13.4.0%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2021-3583, GHSA-2pfh-q76x-gwvm, PYSEC-2021-358
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-axc3-wcsk-q3eg
4
url VCID-g2pj-dmae-e3er
vulnerability_id VCID-g2pj-dmae-e3er
summary An information disclosure flaw was found in ansible-core due to a failure to respect the ANSIBLE_NO_LOG configuration in some scenarios. It was discovered that information is still included in the output in certain tasks, such as loop items. Depending on the task, this issue may include sensitive information, such as decrypted secret values.
references
0
reference_url https://access.redhat.com/errata/RHSA-2024:0733
reference_id
reference_type
scores
0
value 5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
2
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T18:30:30Z/
url https://access.redhat.com/errata/RHSA-2024:0733
1
reference_url https://access.redhat.com/errata/RHSA-2024:2246
reference_id
reference_type
scores
0
value 5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T18:30:30Z/
url https://access.redhat.com/errata/RHSA-2024:2246
2
reference_url https://access.redhat.com/errata/RHSA-2024:3043
reference_id
reference_type
scores
0
value 5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T18:30:30Z/
url https://access.redhat.com/errata/RHSA-2024:3043
3
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0690.json
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0690.json
4
reference_url https://access.redhat.com/security/cve/CVE-2024-0690
reference_id
reference_type
scores
0
value 5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
2
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T18:30:30Z/
url https://access.redhat.com/security/cve/CVE-2024-0690
5
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-0690
reference_id
reference_type
scores
0
value 0.00065
scoring_system epss
scoring_elements 0.20151
published_at 2026-04-13T12:55:00Z
1
value 0.00065
scoring_system epss
scoring_elements 0.2031
published_at 2026-04-02T12:55:00Z
2
value 0.00065
scoring_system epss
scoring_elements 0.20369
published_at 2026-04-04T12:55:00Z
3
value 0.00065
scoring_system epss
scoring_elements 0.20093
published_at 2026-04-07T12:55:00Z
4
value 0.00065
scoring_system epss
scoring_elements 0.20174
published_at 2026-04-08T12:55:00Z
5
value 0.00065
scoring_system epss
scoring_elements 0.20232
published_at 2026-04-09T12:55:00Z
6
value 0.00065
scoring_system epss
scoring_elements 0.20256
published_at 2026-04-11T12:55:00Z
7
value 0.00065
scoring_system epss
scoring_elements 0.20211
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-0690
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2259013
reference_id
reference_type
scores
0
value 5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
2
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T18:30:30Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2259013
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0690
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0690
8
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
9
reference_url https://github.com/ansible/ansible
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible
10
reference_url https://github.com/ansible/ansible/commit/6935c8e303440addd3871ecf8e04bde61080b032
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/6935c8e303440addd3871ecf8e04bde61080b032
11
reference_url https://github.com/ansible/ansible/commit/78db3a3de6b40fb52d216685ae7cb903c609c3e1
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/78db3a3de6b40fb52d216685ae7cb903c609c3e1
12
reference_url https://github.com/ansible/ansible/commit/b9a03bbf5a63459468baf8895ff74a62e9be4532
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/b9a03bbf5a63459468baf8895ff74a62e9be4532
13
reference_url https://github.com/ansible/ansible/commit/beb04bc2642c208447c5a936f94310528a1946b1
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/beb04bc2642c208447c5a936f94310528a1946b1
14
reference_url https://github.com/ansible/ansible/pull/82565
reference_id
reference_type
scores
0
value 5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
2
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T18:30:30Z/
url https://github.com/ansible/ansible/pull/82565
15
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/ansible-core/PYSEC-2024-36.yaml
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/ansible-core/PYSEC-2024-36.yaml
16
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IZQGCRDSZL7ONCULMB6ZUHOE4L44KIBP
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IZQGCRDSZL7ONCULMB6ZUHOE4L44KIBP
17
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VDYSWOCPZMNRU5LWKIEBW4WGWLMTU7WQ
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VDYSWOCPZMNRU5LWKIEBW4WGWLMTU7WQ
18
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-0690
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-0690
19
reference_url https://security.netapp.com/advisory/ntap-20250117-0001
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20250117-0001
20
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1061156
reference_id 1061156
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1061156
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform:2.4::el8
reference_id cpe:/a:redhat:ansible_automation_platform:2.4::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform:2.4::el8
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform:2.4::el9
reference_id cpe:/a:redhat:ansible_automation_platform:2.4::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform:2.4::el9
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8
reference_id cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9
reference_id cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8
reference_id cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9
reference_id cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream
reference_id cpe:/a:redhat:enterprise_linux:8::appstream
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
reference_id cpe:/a:redhat:enterprise_linux:9::appstream
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
29
reference_url https://github.com/advisories/GHSA-h24r-m9qc-pvpg
reference_id GHSA-h24r-m9qc-pvpg
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-h24r-m9qc-pvpg
fixed_packages
0
url pkg:deb/debian/ansible@2.10.7%2Bmerged%2Bbase%2B2.10.17%2Bdfsg-0%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/ansible@2.10.7%2Bmerged%2Bbase%2B2.10.17%2Bdfsg-0%2Bdeb11u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible@2.10.7%252Bmerged%252Bbase%252B2.10.17%252Bdfsg-0%252Bdeb11u1%3Fdistro=trixie
1
url pkg:deb/debian/ansible@5.4.0-1?distro=trixie
purl pkg:deb/debian/ansible@5.4.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible@5.4.0-1%3Fdistro=trixie
2
url pkg:deb/debian/ansible@7.7.0%2Bdfsg-3%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/ansible@7.7.0%2Bdfsg-3%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible@7.7.0%252Bdfsg-3%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/ansible@12.0.0%2Bdfsg-0%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/ansible@12.0.0%2Bdfsg-0%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible@12.0.0%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/ansible@13.4.0%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/ansible@13.4.0%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible@13.4.0%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2024-0690, GHSA-h24r-m9qc-pvpg, PYSEC-2024-36
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-g2pj-dmae-e3er
5
url VCID-geaa-6dxx-tbcw
vulnerability_id VCID-geaa-6dxx-tbcw
summary A flaw was found in Ansible Engine's ansible-connection module, where sensitive information such as the Ansible user credentials is disclosed by default in the traceback error message. The highest threat from this vulnerability is to confidentiality.
references
0
reference_url https://access.redhat.com/errata/RHSA-2021:3871
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2021:3871
1
reference_url https://access.redhat.com/errata/RHSA-2021:3872
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2021:3872
2
reference_url https://access.redhat.com/errata/RHSA-2021:3874
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2021:3874
3
reference_url https://access.redhat.com/errata/RHSA-2021:4703
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2021:4703
4
reference_url https://access.redhat.com/errata/RHSA-2021:4750
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2021:4750
5
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3620.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3620.json
6
reference_url https://access.redhat.com/security/cve/CVE-2021-3620
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2021-3620
7
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-3620
reference_id
reference_type
scores
0
value 0.0029
scoring_system epss
scoring_elements 0.52409
published_at 2026-04-02T12:55:00Z
1
value 0.0029
scoring_system epss
scoring_elements 0.52437
published_at 2026-04-04T12:55:00Z
2
value 0.0029
scoring_system epss
scoring_elements 0.52402
published_at 2026-04-07T12:55:00Z
3
value 0.0029
scoring_system epss
scoring_elements 0.52455
published_at 2026-04-08T12:55:00Z
4
value 0.0029
scoring_system epss
scoring_elements 0.52364
published_at 2026-04-01T12:55:00Z
5
value 0.0029
scoring_system epss
scoring_elements 0.525
published_at 2026-04-11T12:55:00Z
6
value 0.0029
scoring_system epss
scoring_elements 0.52484
published_at 2026-04-12T12:55:00Z
7
value 0.0029
scoring_system epss
scoring_elements 0.52468
published_at 2026-04-13T12:55:00Z
8
value 0.0029
scoring_system epss
scoring_elements 0.52449
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-3620
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1975767
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:09:25Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=1975767
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3620
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3620
10
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
11
reference_url https://github.com/advisories/GHSA-4r65-35qq-ch8j
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-4r65-35qq-ch8j
12
reference_url https://github.com/ansible/ansible
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible
13
reference_url https://github.com/ansible/ansible/blob/stable-2.9/changelogs/CHANGELOG-v2.9.rst#security-fixes
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:09:25Z/
url https://github.com/ansible/ansible/blob/stable-2.9/changelogs/CHANGELOG-v2.9.rst#security-fixes
14
reference_url https://github.com/ansible/ansible/commit/fe28767970c8ec62aabe493c46b53a5de1e5fac0
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:09:25Z/
url https://github.com/ansible/ansible/commit/fe28767970c8ec62aabe493c46b53a5de1e5fac0
15
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2022-164.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2022-164.yaml
16
reference_url https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:09:25Z/
url https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html
17
reference_url https://security.archlinux.org/AVG-1941
reference_id AVG-1941
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1941
18
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-3620
reference_id CVE-2021-3620
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-3620
19
reference_url https://usn.ubuntu.com/USN-5315-1/
reference_id USN-USN-5315-1
reference_type
scores
url https://usn.ubuntu.com/USN-5315-1/
fixed_packages
0
url pkg:deb/debian/ansible@2.10.7%2Bmerged%2Bbase%2B2.10.17%2Bdfsg-0%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/ansible@2.10.7%2Bmerged%2Bbase%2B2.10.17%2Bdfsg-0%2Bdeb11u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible@2.10.7%252Bmerged%252Bbase%252B2.10.17%252Bdfsg-0%252Bdeb11u1%3Fdistro=trixie
1
url pkg:deb/debian/ansible@5.4.0-1?distro=trixie
purl pkg:deb/debian/ansible@5.4.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible@5.4.0-1%3Fdistro=trixie
2
url pkg:deb/debian/ansible@7.7.0%2Bdfsg-3%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/ansible@7.7.0%2Bdfsg-3%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible@7.7.0%252Bdfsg-3%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/ansible@12.0.0%2Bdfsg-0%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/ansible@12.0.0%2Bdfsg-0%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible@12.0.0%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/ansible@13.4.0%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/ansible@13.4.0%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible@13.4.0%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2021-3620, GHSA-4r65-35qq-ch8j, PYSEC-2022-164
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-geaa-6dxx-tbcw
6
url VCID-ujbp-cc1r-wfe9
vulnerability_id VCID-ujbp-cc1r-wfe9
summary 
Ansible symlink attack vulnerability
An absolute path traversal attack exists in the Ansible automation platform. This flaw allows an attacker to craft a malicious Ansible role and make the victim execute the role. A symlink can be used to overwrite a file outside of the extraction path.
references
0
reference_url https://access.redhat.com/errata/RHSA-2023:5701
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2023:5701
1
reference_url https://access.redhat.com/errata/RHSA-2023:5758
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2023:5758
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5115.json
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5115.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-5115
reference_id
reference_type
scores
0
value 0.00716
scoring_system epss
scoring_elements 0.72353
published_at 2026-04-04T12:55:00Z
1
value 0.00716
scoring_system epss
scoring_elements 0.72376
published_at 2026-04-13T12:55:00Z
2
value 0.00716
scoring_system epss
scoring_elements 0.72388
published_at 2026-04-12T12:55:00Z
3
value 0.00716
scoring_system epss
scoring_elements 0.72404
published_at 2026-04-11T12:55:00Z
4
value 0.00716
scoring_system epss
scoring_elements 0.72381
published_at 2026-04-09T12:55:00Z
5
value 0.00716
scoring_system epss
scoring_elements 0.7233
published_at 2026-04-07T12:55:00Z
6
value 0.00716
scoring_system epss
scoring_elements 0.72335
published_at 2026-04-02T12:55:00Z
7
value 0.00716
scoring_system epss
scoring_elements 0.72369
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-5115
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2233810
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=2233810
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5115
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5115
6
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
7
reference_url https://github.com/ansible/ansible
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible
8
reference_url https://github.com/ansible/ansible/commit/1e930684bc0a76ec3d094cd326738ad26416541c
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/1e930684bc0a76ec3d094cd326738ad26416541c
9
reference_url https://github.com/ansible-community/ansible-build-data/blob/16d36538b96c65d9e0e28d89781361b69857ac0e/8/CHANGELOG-v8.rst#L221
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible-community/ansible-build-data/blob/16d36538b96c65d9e0e28d89781361b69857ac0e/8/CHANGELOG-v8.rst#L221
10
reference_url https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html
11
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053693
reference_id 1053693
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053693
12
reference_url https://access.redhat.com/security/cve/CVE-2023-5115
reference_id CVE-2023-5115
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2023-5115
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-5115
reference_id CVE-2023-5115
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-5115
14
reference_url https://github.com/advisories/GHSA-jpvw-p8pr-9g2x
reference_id GHSA-jpvw-p8pr-9g2x
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-jpvw-p8pr-9g2x
fixed_packages
0
url pkg:deb/debian/ansible@2.10.7%2Bmerged%2Bbase%2B2.10.17%2Bdfsg-0%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/ansible@2.10.7%2Bmerged%2Bbase%2B2.10.17%2Bdfsg-0%2Bdeb11u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible@2.10.7%252Bmerged%252Bbase%252B2.10.17%252Bdfsg-0%252Bdeb11u1%3Fdistro=trixie
1
url pkg:deb/debian/ansible@5.4.0-1?distro=trixie
purl pkg:deb/debian/ansible@5.4.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible@5.4.0-1%3Fdistro=trixie
2
url pkg:deb/debian/ansible@7.7.0%2Bdfsg-3%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/ansible@7.7.0%2Bdfsg-3%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible@7.7.0%252Bdfsg-3%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/ansible@12.0.0%2Bdfsg-0%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/ansible@12.0.0%2Bdfsg-0%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible@12.0.0%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/ansible@13.4.0%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/ansible@13.4.0%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible@13.4.0%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2023-5115, GHSA-jpvw-p8pr-9g2x
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ujbp-cc1r-wfe9
7
url VCID-v6rk-y6ws-dkh9
vulnerability_id VCID-v6rk-y6ws-dkh9
summary 
Ansible-Core vulnerable to content protections bypass
A flaw was found in Ansible-Core. This vulnerability allows attackers to bypass unsafe content protections using the hostvars object to reference and execute templated content. This issue can lead to arbitrary code execution if remote data or module outputs are improperly templated within playbooks.
references
0
reference_url https://access.redhat.com/errata/RHSA-2024:10770
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L
1
value 1.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L/E:P
2
value LOW
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-12T14:41:52Z/
url https://access.redhat.com/errata/RHSA-2024:10770
1
reference_url https://access.redhat.com/errata/RHSA-2024:11145
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L
1
value 1.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L/E:P
2
value LOW
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-12T14:41:52Z/
url https://access.redhat.com/errata/RHSA-2024:11145
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11079.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11079.json
3
reference_url https://access.redhat.com/security/cve/CVE-2024-11079
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L
1
value 1.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L/E:P
2
value LOW
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-12T14:41:52Z/
url https://access.redhat.com/security/cve/CVE-2024-11079
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-11079
reference_id
reference_type
scores
0
value 0.00064
scoring_system epss
scoring_elements 0.19813
published_at 2026-04-13T12:55:00Z
1
value 0.00064
scoring_system epss
scoring_elements 0.19772
published_at 2026-04-07T12:55:00Z
2
value 0.00064
scoring_system epss
scoring_elements 0.20045
published_at 2026-04-04T12:55:00Z
3
value 0.00064
scoring_system epss
scoring_elements 0.19986
published_at 2026-04-02T12:55:00Z
4
value 0.00064
scoring_system epss
scoring_elements 0.19905
published_at 2026-04-09T12:55:00Z
5
value 0.00064
scoring_system epss
scoring_elements 0.19915
published_at 2026-04-11T12:55:00Z
6
value 0.00064
scoring_system epss
scoring_elements 0.19871
published_at 2026-04-12T12:55:00Z
7
value 0.00064
scoring_system epss
scoring_elements 0.19851
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-11079
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2325171
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L
1
value 1.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L/E:P
2
value LOW
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-12T14:41:52Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2325171
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11079
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11079
7
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
8
reference_url https://github.com/ansible/ansible
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L
1
value 1.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L/E:P
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible
9
reference_url https://github.com/ansible/ansible/blob/v2.18.1/changelogs/CHANGELOG-v2.18.rst#security-fixes
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L
1
value 1.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L/E:P
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/blob/v2.18.1/changelogs/CHANGELOG-v2.18.rst#security-fixes
10
reference_url https://github.com/ansible/ansible/commit/2936b80dbbc7efb889934aeec80f6142c10266ce
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L
1
value 1.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L/E:P
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/2936b80dbbc7efb889934aeec80f6142c10266ce
11
reference_url https://github.com/ansible/ansible/commit/70e83e72b43e05e57eb42a6d52d01a4d9768f510
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L
1
value 1.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L/E:P
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/70e83e72b43e05e57eb42a6d52d01a4d9768f510
12
reference_url https://github.com/ansible/ansible/commit/98774d15d7748ebaaaf2e83942cc7e8d39f7280e
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L
1
value 1.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L/E:P
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/98774d15d7748ebaaaf2e83942cc7e8d39f7280e
13
reference_url https://github.com/ansible/ansible/pull/84299
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L
1
value 1.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L/E:P
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/pull/84299
14
reference_url https://github.com/ansible/ansible/pull/84339
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L
1
value 1.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L/E:P
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/pull/84339
15
reference_url https://lists.debian.org/debian-lts-announce/2026/03/msg00006.html
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L
1
value 1.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L/E:P
2
value LOW
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2026/03/msg00006.html
16
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-11079
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L
1
value 1.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L/E:P
2
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-11079
17
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1088106
reference_id 1088106
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1088106
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform:2.5::el8
reference_id cpe:/a:redhat:ansible_automation_platform:2.5::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform:2.5::el8
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform:2.5::el9
reference_id cpe:/a:redhat:ansible_automation_platform:2.5::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform:2.5::el9
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_developer:2.5::el8
reference_id cpe:/a:redhat:ansible_automation_platform_developer:2.5::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_developer:2.5::el8
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_developer:2.5::el9
reference_id cpe:/a:redhat:ansible_automation_platform_developer:2.5::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_developer:2.5::el9
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_inside:2.5::el8
reference_id cpe:/a:redhat:ansible_automation_platform_inside:2.5::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_inside:2.5::el8
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_inside:2.5::el9
reference_id cpe:/a:redhat:ansible_automation_platform_inside:2.5::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_inside:2.5::el9
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_core:2::el8
reference_id cpe:/a:redhat:ansible_core:2::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_core:2::el8
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_core:2::el9
reference_id cpe:/a:redhat:ansible_core:2::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_core:2::el9
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux_ai:1
reference_id cpe:/a:redhat:enterprise_linux_ai:1
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux_ai:1
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10
reference_id cpe:/o:redhat:enterprise_linux:10
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10
28
reference_url https://github.com/advisories/GHSA-99w6-3xph-cx78
reference_id GHSA-99w6-3xph-cx78
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-99w6-3xph-cx78
fixed_packages
0
url pkg:deb/debian/ansible@2.10.7%2Bmerged%2Bbase%2B2.10.17%2Bdfsg-0%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/ansible@2.10.7%2Bmerged%2Bbase%2B2.10.17%2Bdfsg-0%2Bdeb11u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible@2.10.7%252Bmerged%252Bbase%252B2.10.17%252Bdfsg-0%252Bdeb11u1%3Fdistro=trixie
1
url pkg:deb/debian/ansible@2.10.7%2Bmerged%2Bbase%2B2.10.17%2Bdfsg-0%2Bdeb11u4?distro=trixie
purl pkg:deb/debian/ansible@2.10.7%2Bmerged%2Bbase%2B2.10.17%2Bdfsg-0%2Bdeb11u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible@2.10.7%252Bmerged%252Bbase%252B2.10.17%252Bdfsg-0%252Bdeb11u4%3Fdistro=trixie
2
url pkg:deb/debian/ansible@5.4.0-1?distro=trixie
purl pkg:deb/debian/ansible@5.4.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible@5.4.0-1%3Fdistro=trixie
3
url pkg:deb/debian/ansible@7.7.0%2Bdfsg-3%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/ansible@7.7.0%2Bdfsg-3%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible@7.7.0%252Bdfsg-3%252Bdeb12u1%3Fdistro=trixie
4
url pkg:deb/debian/ansible@12.0.0%2Bdfsg-0%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/ansible@12.0.0%2Bdfsg-0%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible@12.0.0%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie
5
url pkg:deb/debian/ansible@13.4.0%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/ansible@13.4.0%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible@13.4.0%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2024-11079, GHSA-99w6-3xph-cx78
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v6rk-y6ws-dkh9
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible@5.4.0-1%3Fdistro=trixie