Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/ansible-core@2.14.16-0%2Bdeb12u1?distro=trixie
Typedeb
Namespacedebian
Nameansible-core
Version2.14.16-0+deb12u1
Qualifiers
distro trixie
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version2.14.18-0+deb12u1
Latest_non_vulnerable_version2.20.3-1
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-682j-e2pu-1uee
vulnerability_id VCID-682j-e2pu-1uee
summary 
Improper Neutralization of Special Elements Used in a Template Engine
A template injection flaw was found in Ansible where a user's controller internal templating operations may remove the unsafe designation from template data. This issue could allow an attacker to use a specially crafted file to introduce code injection when supplying templating data.
references
0
reference_url https://access.redhat.com/errata/RHSA-2023:7773
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
1
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T03:55:28Z/
url https://access.redhat.com/errata/RHSA-2023:7773
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5764.json
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5764.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-5764
reference_id
reference_type
scores
0
value 0.00065
scoring_system epss
scoring_elements 0.20144
published_at 2026-04-21T12:55:00Z
1
value 0.00071
scoring_system epss
scoring_elements 0.2166
published_at 2026-04-12T12:55:00Z
2
value 0.00071
scoring_system epss
scoring_elements 0.21603
published_at 2026-04-13T12:55:00Z
3
value 0.00071
scoring_system epss
scoring_elements 0.21687
published_at 2026-04-09T12:55:00Z
4
value 0.00071
scoring_system epss
scoring_elements 0.21801
published_at 2026-04-04T12:55:00Z
5
value 0.00071
scoring_system epss
scoring_elements 0.21552
published_at 2026-04-07T12:55:00Z
6
value 0.00071
scoring_system epss
scoring_elements 0.2163
published_at 2026-04-08T12:55:00Z
7
value 0.00071
scoring_system epss
scoring_elements 0.21699
published_at 2026-04-11T12:55:00Z
8
value 0.00071
scoring_system epss
scoring_elements 0.21601
published_at 2026-04-16T12:55:00Z
9
value 0.00071
scoring_system epss
scoring_elements 0.21746
published_at 2026-04-02T12:55:00Z
10
value 0.00071
scoring_system epss
scoring_elements 0.21609
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-5764
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2247629
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
1
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T03:55:28Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2247629
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5764
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5764
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://github.com/ansible/ansible
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible
7
reference_url https://github.com/ansible/ansible/commit/270b39f6ff02511a2199505161218cbd1a5ae34f
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/270b39f6ff02511a2199505161218cbd1a5ae34f
8
reference_url https://github.com/ansible/ansible/commit/7239d2d371bc6e274cbb7314e01431adce6ae25a
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/7239d2d371bc6e274cbb7314e01431adce6ae25a
9
reference_url https://github.com/ansible/ansible/commit/fea130480d261ea5bf6fcd5cf19a348f1686ceb1
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/fea130480d261ea5bf6fcd5cf19a348f1686ceb1
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X7Q6CHPVCHMZS5M7V22GOKFSXZAQ24EU
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X7Q6CHPVCHMZS5M7V22GOKFSXZAQ24EU
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X7Q6CHPVCHMZS5M7V22GOKFSXZAQ24EU/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X7Q6CHPVCHMZS5M7V22GOKFSXZAQ24EU/
12
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1057427
reference_id 1057427
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1057427
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform:2.4::el8
reference_id cpe:/a:redhat:ansible_automation_platform:2.4::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform:2.4::el8
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform:2.4::el9
reference_id cpe:/a:redhat:ansible_automation_platform:2.4::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform:2.4::el9
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8
reference_id cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9
reference_id cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8
reference_id cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9
reference_id cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9
19
reference_url https://access.redhat.com/security/cve/CVE-2023-5764
reference_id CVE-2023-5764
reference_type
scores
0
value 6.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
1
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T03:55:28Z/
url https://access.redhat.com/security/cve/CVE-2023-5764
20
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-5764
reference_id CVE-2023-5764
reference_type
scores
0
value 6.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-5764
21
reference_url https://github.com/advisories/GHSA-7j69-qfc3-2fq9
reference_id GHSA-7j69-qfc3-2fq9
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-7j69-qfc3-2fq9
22
reference_url https://usn.ubuntu.com/6846-1/
reference_id USN-6846-1
reference_type
scores
url https://usn.ubuntu.com/6846-1/
fixed_packages
0
url pkg:deb/debian/ansible-core@2.14.13-1?distro=trixie
purl pkg:deb/debian/ansible-core@2.14.13-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible-core@2.14.13-1%3Fdistro=trixie
1
url pkg:deb/debian/ansible-core@2.14.16-0%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/ansible-core@2.14.16-0%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible-core@2.14.16-0%252Bdeb12u1%3Fdistro=trixie
2
url pkg:deb/debian/ansible-core@2.14.18-0%2Bdeb12u2?distro=trixie
purl pkg:deb/debian/ansible-core@2.14.18-0%2Bdeb12u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible-core@2.14.18-0%252Bdeb12u2%3Fdistro=trixie
3
url pkg:deb/debian/ansible-core@2.19.4-0%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/ansible-core@2.19.4-0%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible-core@2.19.4-0%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/ansible-core@2.20.3-1?distro=trixie
purl pkg:deb/debian/ansible-core@2.20.3-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible-core@2.20.3-1%3Fdistro=trixie
aliases CVE-2023-5764, GHSA-7j69-qfc3-2fq9
risk_score 3.2
exploitability 0.5
weighted_severity 6.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-682j-e2pu-1uee
1
url VCID-g2pj-dmae-e3er
vulnerability_id VCID-g2pj-dmae-e3er
summary An information disclosure flaw was found in ansible-core due to a failure to respect the ANSIBLE_NO_LOG configuration in some scenarios. It was discovered that information is still included in the output in certain tasks, such as loop items. Depending on the task, this issue may include sensitive information, such as decrypted secret values.
references
0
reference_url https://access.redhat.com/errata/RHSA-2024:0733
reference_id
reference_type
scores
0
value 5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
2
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T18:30:30Z/
url https://access.redhat.com/errata/RHSA-2024:0733
1
reference_url https://access.redhat.com/errata/RHSA-2024:2246
reference_id
reference_type
scores
0
value 5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T18:30:30Z/
url https://access.redhat.com/errata/RHSA-2024:2246
2
reference_url https://access.redhat.com/errata/RHSA-2024:3043
reference_id
reference_type
scores
0
value 5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T18:30:30Z/
url https://access.redhat.com/errata/RHSA-2024:3043
3
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0690.json
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0690.json
4
reference_url https://access.redhat.com/security/cve/CVE-2024-0690
reference_id
reference_type
scores
0
value 5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
2
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T18:30:30Z/
url https://access.redhat.com/security/cve/CVE-2024-0690
5
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-0690
reference_id
reference_type
scores
0
value 0.0006
scoring_system epss
scoring_elements 0.18685
published_at 2026-04-21T12:55:00Z
1
value 0.00065
scoring_system epss
scoring_elements 0.20174
published_at 2026-04-08T12:55:00Z
2
value 0.00065
scoring_system epss
scoring_elements 0.20232
published_at 2026-04-09T12:55:00Z
3
value 0.00065
scoring_system epss
scoring_elements 0.20369
published_at 2026-04-04T12:55:00Z
4
value 0.00065
scoring_system epss
scoring_elements 0.2031
published_at 2026-04-02T12:55:00Z
5
value 0.00065
scoring_system epss
scoring_elements 0.20093
published_at 2026-04-07T12:55:00Z
6
value 0.00065
scoring_system epss
scoring_elements 0.20211
published_at 2026-04-12T12:55:00Z
7
value 0.00065
scoring_system epss
scoring_elements 0.20151
published_at 2026-04-13T12:55:00Z
8
value 0.00065
scoring_system epss
scoring_elements 0.20143
published_at 2026-04-16T12:55:00Z
9
value 0.00065
scoring_system epss
scoring_elements 0.20147
published_at 2026-04-18T12:55:00Z
10
value 0.00065
scoring_system epss
scoring_elements 0.20256
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-0690
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2259013
reference_id
reference_type
scores
0
value 5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
2
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T18:30:30Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2259013
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0690
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0690
8
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
9
reference_url https://github.com/ansible/ansible
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible
10
reference_url https://github.com/ansible/ansible/commit/6935c8e303440addd3871ecf8e04bde61080b032
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/6935c8e303440addd3871ecf8e04bde61080b032
11
reference_url https://github.com/ansible/ansible/commit/78db3a3de6b40fb52d216685ae7cb903c609c3e1
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/78db3a3de6b40fb52d216685ae7cb903c609c3e1
12
reference_url https://github.com/ansible/ansible/commit/b9a03bbf5a63459468baf8895ff74a62e9be4532
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/b9a03bbf5a63459468baf8895ff74a62e9be4532
13
reference_url https://github.com/ansible/ansible/commit/beb04bc2642c208447c5a936f94310528a1946b1
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/beb04bc2642c208447c5a936f94310528a1946b1
14
reference_url https://github.com/ansible/ansible/pull/82565
reference_id
reference_type
scores
0
value 5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
2
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T18:30:30Z/
url https://github.com/ansible/ansible/pull/82565
15
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/ansible-core/PYSEC-2024-36.yaml
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/ansible-core/PYSEC-2024-36.yaml
16
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IZQGCRDSZL7ONCULMB6ZUHOE4L44KIBP
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IZQGCRDSZL7ONCULMB6ZUHOE4L44KIBP
17
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VDYSWOCPZMNRU5LWKIEBW4WGWLMTU7WQ
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VDYSWOCPZMNRU5LWKIEBW4WGWLMTU7WQ
18
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-0690
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-0690
19
reference_url https://security.netapp.com/advisory/ntap-20250117-0001
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20250117-0001
20
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1061156
reference_id 1061156
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1061156
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform:2.4::el8
reference_id cpe:/a:redhat:ansible_automation_platform:2.4::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform:2.4::el8
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform:2.4::el9
reference_id cpe:/a:redhat:ansible_automation_platform:2.4::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform:2.4::el9
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8
reference_id cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9
reference_id cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8
reference_id cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9
reference_id cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream
reference_id cpe:/a:redhat:enterprise_linux:8::appstream
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
reference_id cpe:/a:redhat:enterprise_linux:9::appstream
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
29
reference_url https://github.com/advisories/GHSA-h24r-m9qc-pvpg
reference_id GHSA-h24r-m9qc-pvpg
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-h24r-m9qc-pvpg
fixed_packages
0
url pkg:deb/debian/ansible-core@2.14.16-0%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/ansible-core@2.14.16-0%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible-core@2.14.16-0%252Bdeb12u1%3Fdistro=trixie
1
url pkg:deb/debian/ansible-core@2.14.18-0%2Bdeb12u2?distro=trixie
purl pkg:deb/debian/ansible-core@2.14.18-0%2Bdeb12u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible-core@2.14.18-0%252Bdeb12u2%3Fdistro=trixie
2
url pkg:deb/debian/ansible-core@2.16.5-1?distro=trixie
purl pkg:deb/debian/ansible-core@2.16.5-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible-core@2.16.5-1%3Fdistro=trixie
3
url pkg:deb/debian/ansible-core@2.19.4-0%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/ansible-core@2.19.4-0%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible-core@2.19.4-0%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/ansible-core@2.20.3-1?distro=trixie
purl pkg:deb/debian/ansible-core@2.20.3-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible-core@2.20.3-1%3Fdistro=trixie
aliases CVE-2024-0690, GHSA-h24r-m9qc-pvpg, PYSEC-2024-36
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-g2pj-dmae-e3er
2
url VCID-ujbp-cc1r-wfe9
vulnerability_id VCID-ujbp-cc1r-wfe9
summary 
Ansible symlink attack vulnerability
An absolute path traversal attack exists in the Ansible automation platform. This flaw allows an attacker to craft a malicious Ansible role and make the victim execute the role. A symlink can be used to overwrite a file outside of the extraction path.
references
0
reference_url https://access.redhat.com/errata/RHSA-2023:5701
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2023:5701
1
reference_url https://access.redhat.com/errata/RHSA-2023:5758
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2023:5758
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5115.json
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5115.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-5115
reference_id
reference_type
scores
0
value 0.0066
scoring_system epss
scoring_elements 0.71112
published_at 2026-04-21T12:55:00Z
1
value 0.00716
scoring_system epss
scoring_elements 0.7233
published_at 2026-04-07T12:55:00Z
2
value 0.00716
scoring_system epss
scoring_elements 0.72427
published_at 2026-04-18T12:55:00Z
3
value 0.00716
scoring_system epss
scoring_elements 0.72417
published_at 2026-04-16T12:55:00Z
4
value 0.00716
scoring_system epss
scoring_elements 0.72376
published_at 2026-04-13T12:55:00Z
5
value 0.00716
scoring_system epss
scoring_elements 0.72404
published_at 2026-04-11T12:55:00Z
6
value 0.00716
scoring_system epss
scoring_elements 0.72381
published_at 2026-04-09T12:55:00Z
7
value 0.00716
scoring_system epss
scoring_elements 0.72369
published_at 2026-04-08T12:55:00Z
8
value 0.00716
scoring_system epss
scoring_elements 0.72335
published_at 2026-04-02T12:55:00Z
9
value 0.00716
scoring_system epss
scoring_elements 0.72353
published_at 2026-04-04T12:55:00Z
10
value 0.00716
scoring_system epss
scoring_elements 0.72388
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-5115
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2233810
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=2233810
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5115
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5115
6
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
7
reference_url https://github.com/ansible/ansible
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible
8
reference_url https://github.com/ansible/ansible/commit/1e930684bc0a76ec3d094cd326738ad26416541c
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/1e930684bc0a76ec3d094cd326738ad26416541c
9
reference_url https://github.com/ansible-community/ansible-build-data/blob/16d36538b96c65d9e0e28d89781361b69857ac0e/8/CHANGELOG-v8.rst#L221
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible-community/ansible-build-data/blob/16d36538b96c65d9e0e28d89781361b69857ac0e/8/CHANGELOG-v8.rst#L221
10
reference_url https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html
11
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053693
reference_id 1053693
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053693
12
reference_url https://access.redhat.com/security/cve/CVE-2023-5115
reference_id CVE-2023-5115
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2023-5115
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-5115
reference_id CVE-2023-5115
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-5115
14
reference_url https://github.com/advisories/GHSA-jpvw-p8pr-9g2x
reference_id GHSA-jpvw-p8pr-9g2x
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-jpvw-p8pr-9g2x
fixed_packages
0
url pkg:deb/debian/ansible-core@2.14.11-1?distro=trixie
purl pkg:deb/debian/ansible-core@2.14.11-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible-core@2.14.11-1%3Fdistro=trixie
1
url pkg:deb/debian/ansible-core@2.14.16-0%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/ansible-core@2.14.16-0%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible-core@2.14.16-0%252Bdeb12u1%3Fdistro=trixie
2
url pkg:deb/debian/ansible-core@2.14.18-0%2Bdeb12u2?distro=trixie
purl pkg:deb/debian/ansible-core@2.14.18-0%2Bdeb12u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible-core@2.14.18-0%252Bdeb12u2%3Fdistro=trixie
3
url pkg:deb/debian/ansible-core@2.19.4-0%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/ansible-core@2.19.4-0%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible-core@2.19.4-0%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/ansible-core@2.20.3-1?distro=trixie
purl pkg:deb/debian/ansible-core@2.20.3-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible-core@2.20.3-1%3Fdistro=trixie
aliases CVE-2023-5115, GHSA-jpvw-p8pr-9g2x
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ujbp-cc1r-wfe9
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible-core@2.14.16-0%252Bdeb12u1%3Fdistro=trixie