Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:pypi/ansible@2.7.18
Typepypi
Namespace
Nameansible
Version2.7.18
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version12.0.0
Latest_non_vulnerable_version12.2.0
Affected_by_vulnerabilities
0
url VCID-4yvf-k192-9fca
vulnerability_id VCID-4yvf-k192-9fca
summary A flaw was found in Ansible if an ansible user sets ANSIBLE_ASYNC_DIR to a subdirectory of a world writable directory. When this occurs, there is a race condition on the managed machine. A malicious, non-privileged account on the remote machine can exploit the race condition to access the async result data. This flaw affects Ansible Tower 3.7 and Ansible Automation Platform 1.2.
references
0
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1956477
reference_id
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1956477
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://security.archlinux.org/AVG-2056
reference_id AVG-2056
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2056
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-3533
reference_id CVE-2021-3533
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2021-3533
fixed_packages
0
url pkg:pypi/ansible@3.0.0
purl pkg:pypi/ansible@3.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qbdk-hxhg-wbh4
1
vulnerability VCID-ujbp-cc1r-wfe9
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@3.0.0
aliases CVE-2021-3533, PYSEC-2021-126
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4yvf-k192-9fca
1
url VCID-682j-e2pu-1uee
vulnerability_id VCID-682j-e2pu-1uee
summary 
Improper Neutralization of Special Elements Used in a Template Engine
A template injection flaw was found in Ansible where a user's controller internal templating operations may remove the unsafe designation from template data. This issue could allow an attacker to use a specially crafted file to introduce code injection when supplying templating data.
references
0
reference_url https://access.redhat.com/errata/RHSA-2023:7773
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
1
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T03:55:28Z/
url https://access.redhat.com/errata/RHSA-2023:7773
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5764.json
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5764.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-5764
reference_id
reference_type
scores
0
value 0.00071
scoring_system epss
scoring_elements 0.21609
published_at 2026-04-18T12:55:00Z
1
value 0.00071
scoring_system epss
scoring_elements 0.21746
published_at 2026-04-02T12:55:00Z
2
value 0.00071
scoring_system epss
scoring_elements 0.21801
published_at 2026-04-04T12:55:00Z
3
value 0.00071
scoring_system epss
scoring_elements 0.21552
published_at 2026-04-07T12:55:00Z
4
value 0.00071
scoring_system epss
scoring_elements 0.2163
published_at 2026-04-08T12:55:00Z
5
value 0.00071
scoring_system epss
scoring_elements 0.21687
published_at 2026-04-09T12:55:00Z
6
value 0.00071
scoring_system epss
scoring_elements 0.21699
published_at 2026-04-11T12:55:00Z
7
value 0.00071
scoring_system epss
scoring_elements 0.2166
published_at 2026-04-12T12:55:00Z
8
value 0.00071
scoring_system epss
scoring_elements 0.21603
published_at 2026-04-13T12:55:00Z
9
value 0.00071
scoring_system epss
scoring_elements 0.21601
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-5764
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2247629
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
1
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T03:55:28Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2247629
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5764
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5764
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://github.com/ansible/ansible
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible
7
reference_url https://github.com/ansible/ansible/commit/270b39f6ff02511a2199505161218cbd1a5ae34f
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/270b39f6ff02511a2199505161218cbd1a5ae34f
8
reference_url https://github.com/ansible/ansible/commit/7239d2d371bc6e274cbb7314e01431adce6ae25a
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/7239d2d371bc6e274cbb7314e01431adce6ae25a
9
reference_url https://github.com/ansible/ansible/commit/fea130480d261ea5bf6fcd5cf19a348f1686ceb1
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/fea130480d261ea5bf6fcd5cf19a348f1686ceb1
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X7Q6CHPVCHMZS5M7V22GOKFSXZAQ24EU
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X7Q6CHPVCHMZS5M7V22GOKFSXZAQ24EU
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X7Q6CHPVCHMZS5M7V22GOKFSXZAQ24EU/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X7Q6CHPVCHMZS5M7V22GOKFSXZAQ24EU/
12
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1057427
reference_id 1057427
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1057427
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform:2.4::el8
reference_id cpe:/a:redhat:ansible_automation_platform:2.4::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform:2.4::el8
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform:2.4::el9
reference_id cpe:/a:redhat:ansible_automation_platform:2.4::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform:2.4::el9
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8
reference_id cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9
reference_id cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8
reference_id cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9
reference_id cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9
19
reference_url https://access.redhat.com/security/cve/CVE-2023-5764
reference_id CVE-2023-5764
reference_type
scores
0
value 6.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
1
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T03:55:28Z/
url https://access.redhat.com/security/cve/CVE-2023-5764
20
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-5764
reference_id CVE-2023-5764
reference_type
scores
0
value 6.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-5764
21
reference_url https://github.com/advisories/GHSA-7j69-qfc3-2fq9
reference_id GHSA-7j69-qfc3-2fq9
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-7j69-qfc3-2fq9
22
reference_url https://usn.ubuntu.com/6846-1/
reference_id USN-6846-1
reference_type
scores
url https://usn.ubuntu.com/6846-1/
fixed_packages
0
url pkg:pypi/ansible@3.0.0b1
purl pkg:pypi/ansible@3.0.0b1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4yvf-k192-9fca
1
vulnerability VCID-qbdk-hxhg-wbh4
2
vulnerability VCID-ujbp-cc1r-wfe9
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@3.0.0b1
1
url pkg:pypi/ansible@3.0.0
purl pkg:pypi/ansible@3.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qbdk-hxhg-wbh4
1
vulnerability VCID-ujbp-cc1r-wfe9
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@3.0.0
aliases CVE-2023-5764, GHSA-7j69-qfc3-2fq9
risk_score 3.2
exploitability 0.5
weighted_severity 6.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-682j-e2pu-1uee
2
url VCID-atun-stks-4kcb
vulnerability_id VCID-atun-stks-4kcb
summary 
Insertion of Sensitive Information into Log File
A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucket_pipeline_variable module. This flaw allows an attacker to steal bitbucket_pipeline credentials. The highest threat from this vulnerability is to confidentiality.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20180.json
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20180.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-20180
reference_id
reference_type
scores
0
value 0.00038
scoring_system epss
scoring_elements 0.11149
published_at 2026-04-18T12:55:00Z
1
value 0.00038
scoring_system epss
scoring_elements 0.11147
published_at 2026-04-16T12:55:00Z
2
value 0.00038
scoring_system epss
scoring_elements 0.11284
published_at 2026-04-13T12:55:00Z
3
value 0.00038
scoring_system epss
scoring_elements 0.11312
published_at 2026-04-12T12:55:00Z
4
value 0.00038
scoring_system epss
scoring_elements 0.11345
published_at 2026-04-11T12:55:00Z
5
value 0.00038
scoring_system epss
scoring_elements 0.11339
published_at 2026-04-09T12:55:00Z
6
value 0.00038
scoring_system epss
scoring_elements 0.11285
published_at 2026-04-08T12:55:00Z
7
value 0.00038
scoring_system epss
scoring_elements 0.11208
published_at 2026-04-01T12:55:00Z
8
value 0.00038
scoring_system epss
scoring_elements 0.11204
published_at 2026-04-07T12:55:00Z
9
value 0.00038
scoring_system epss
scoring_elements 0.11355
published_at 2026-04-02T12:55:00Z
10
value 0.00038
scoring_system epss
scoring_elements 0.11412
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-20180
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1915808
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1915808
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20180
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20180
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://github.com/ansible/ansible
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible
6
reference_url https://github.com/ansible/ansible/blob/v2.8.19/changelogs/CHANGELOG-v2.8.rst
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/blob/v2.8.19/changelogs/CHANGELOG-v2.8.rst
7
reference_url https://github.com/ansible/ansible/blob/v2.9.18/changelogs/CHANGELOG-v2.9.rst
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/blob/v2.9.18/changelogs/CHANGELOG-v2.9.rst
8
reference_url https://github.com/ansible/ansible/pull/73242
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/pull/73242
9
reference_url https://github.com/ansible/ansible/pull/73243
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/pull/73243
10
reference_url https://github.com/ansible/ansible/tree/v2.7.18/lib/ansible/modules/source_control
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/tree/v2.7.18/lib/ansible/modules/source_control
11
reference_url https://github.com/ansible/ansible/tree/v2.8.0a1/lib/ansible/modules/source_control
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/tree/v2.8.0a1/lib/ansible/modules/source_control
12
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985753
reference_id 985753
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985753
13
reference_url https://security.archlinux.org/ASA-202102-9
reference_id ASA-202102-9
reference_type
scores
url https://security.archlinux.org/ASA-202102-9
14
reference_url https://security.archlinux.org/AVG-1437
reference_id AVG-1437
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1437
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-20180
reference_id CVE-2021-20180
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-20180
16
reference_url https://github.com/advisories/GHSA-fh5v-5f35-2rv2
reference_id GHSA-fh5v-5f35-2rv2
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-fh5v-5f35-2rv2
17
reference_url https://access.redhat.com/errata/RHSA-2021:0663
reference_id RHSA-2021:0663
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0663
18
reference_url https://access.redhat.com/errata/RHSA-2021:0664
reference_id RHSA-2021:0664
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0664
19
reference_url https://access.redhat.com/errata/RHSA-2021:1079
reference_id RHSA-2021:1079
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:1079
20
reference_url https://access.redhat.com/errata/RHSA-2021:2180
reference_id RHSA-2021:2180
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2180
fixed_packages
0
url pkg:pypi/ansible@2.8.19
purl pkg:pypi/ansible@2.8.19
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4yvf-k192-9fca
1
vulnerability VCID-682j-e2pu-1uee
2
vulnerability VCID-atun-stks-4kcb
3
vulnerability VCID-axc3-wcsk-q3eg
4
vulnerability VCID-c1xg-s3kx-gkft
5
vulnerability VCID-dzdx-wae5-8ydy
6
vulnerability VCID-e3z2-ydhb-gqfg
7
vulnerability VCID-fj2p-7wkh-1fhq
8
vulnerability VCID-geaa-6dxx-tbcw
9
vulnerability VCID-js7k-ptm9-2yh1
10
vulnerability VCID-qbdk-hxhg-wbh4
11
vulnerability VCID-rdwq-93d6-c7b4
12
vulnerability VCID-rg5d-st3d-nbah
13
vulnerability VCID-ujbp-cc1r-wfe9
14
vulnerability VCID-v3h9-1t69-v7a3
15
vulnerability VCID-x94k-nxyd-27gs
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.19
1
url pkg:pypi/ansible@2.9.18
purl pkg:pypi/ansible@2.9.18
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4yvf-k192-9fca
1
vulnerability VCID-682j-e2pu-1uee
2
vulnerability VCID-axc3-wcsk-q3eg
3
vulnerability VCID-c1xg-s3kx-gkft
4
vulnerability VCID-dzdx-wae5-8ydy
5
vulnerability VCID-e3z2-ydhb-gqfg
6
vulnerability VCID-geaa-6dxx-tbcw
7
vulnerability VCID-qbdk-hxhg-wbh4
8
vulnerability VCID-rg5d-st3d-nbah
9
vulnerability VCID-ujbp-cc1r-wfe9
10
vulnerability VCID-v3h9-1t69-v7a3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.18
aliases CVE-2021-20180, GHSA-fh5v-5f35-2rv2
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-atun-stks-4kcb
3
url VCID-axc3-wcsk-q3eg
vulnerability_id VCID-axc3-wcsk-q3eg
summary A flaw was found in Ansible, where a user's controller is vulnerable to template injection. This issue can occur through facts used in the template if the user is trying to put templates in multi-line YAML strings and the facts being handled do not routinely include special template characters. This flaw allows attackers to perform command injection, which discloses sensitive information. The highest threat from this vulnerability is to confidentiality and integrity.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3583.json
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3583.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-3583
reference_id
reference_type
scores
0
value 0.00319
scoring_system epss
scoring_elements 0.54927
published_at 2026-04-16T12:55:00Z
1
value 0.00319
scoring_system epss
scoring_elements 0.5489
published_at 2026-04-13T12:55:00Z
2
value 0.00319
scoring_system epss
scoring_elements 0.54913
published_at 2026-04-12T12:55:00Z
3
value 0.00319
scoring_system epss
scoring_elements 0.54931
published_at 2026-04-18T12:55:00Z
4
value 0.00319
scoring_system epss
scoring_elements 0.54919
published_at 2026-04-09T12:55:00Z
5
value 0.00319
scoring_system epss
scoring_elements 0.5492
published_at 2026-04-08T12:55:00Z
6
value 0.00319
scoring_system epss
scoring_elements 0.5487
published_at 2026-04-07T12:55:00Z
7
value 0.00319
scoring_system epss
scoring_elements 0.54901
published_at 2026-04-04T12:55:00Z
8
value 0.00319
scoring_system epss
scoring_elements 0.54875
published_at 2026-04-02T12:55:00Z
9
value 0.00319
scoring_system epss
scoring_elements 0.54804
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-3583
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1968412
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value 8.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1968412
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3583
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3583
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://github.com/advisories/GHSA-2pfh-q76x-gwvm
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 8.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-2pfh-q76x-gwvm
6
reference_url https://github.com/ansible/ansible
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value 8.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible
7
reference_url https://github.com/ansible/ansible/commit/03aff644cc1c00e1f7551195c68fbd0d13a39e6e
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value 8.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/03aff644cc1c00e1f7551195c68fbd0d13a39e6e
8
reference_url https://github.com/ansible/ansible/commit/8aa850e3573e48c9a2f12aef84e8a3a6f5ba4847
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value 8.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/8aa850e3573e48c9a2f12aef84e8a3a6f5ba4847
9
reference_url https://github.com/ansible/ansible/commit/8b17e5b9229ffaecfe10a4881bc3f87dd2c184e1
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value 8.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/8b17e5b9229ffaecfe10a4881bc3f87dd2c184e1
10
reference_url https://github.com/ansible/ansible/pull/74960
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value 8.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/pull/74960
11
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2021-358.yaml
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value 8.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2021-358.yaml
12
reference_url https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value 8.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html
13
reference_url https://security.archlinux.org/AVG-2260
reference_id AVG-2260
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2260
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-3583
reference_id CVE-2021-3583
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value 8.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-3583
15
reference_url https://access.redhat.com/errata/RHSA-2021:2663
reference_id RHSA-2021:2663
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2663
16
reference_url https://access.redhat.com/errata/RHSA-2021:2664
reference_id RHSA-2021:2664
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2664
17
reference_url https://usn.ubuntu.com/USN-5315-1/
reference_id USN-USN-5315-1
reference_type
scores
url https://usn.ubuntu.com/USN-5315-1/
fixed_packages
0
url pkg:pypi/ansible@2.9.23rc1
purl pkg:pypi/ansible@2.9.23rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4yvf-k192-9fca
1
vulnerability VCID-682j-e2pu-1uee
2
vulnerability VCID-axc3-wcsk-q3eg
3
vulnerability VCID-c1xg-s3kx-gkft
4
vulnerability VCID-dzdx-wae5-8ydy
5
vulnerability VCID-geaa-6dxx-tbcw
6
vulnerability VCID-qbdk-hxhg-wbh4
7
vulnerability VCID-rg5d-st3d-nbah
8
vulnerability VCID-ujbp-cc1r-wfe9
9
vulnerability VCID-v3h9-1t69-v7a3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.23rc1
1
url pkg:pypi/ansible@2.9.23
purl pkg:pypi/ansible@2.9.23
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4yvf-k192-9fca
1
vulnerability VCID-682j-e2pu-1uee
2
vulnerability VCID-c1xg-s3kx-gkft
3
vulnerability VCID-dzdx-wae5-8ydy
4
vulnerability VCID-geaa-6dxx-tbcw
5
vulnerability VCID-qbdk-hxhg-wbh4
6
vulnerability VCID-rg5d-st3d-nbah
7
vulnerability VCID-ujbp-cc1r-wfe9
8
vulnerability VCID-v3h9-1t69-v7a3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.23
2
url pkg:pypi/ansible@2.10.11rc1
purl pkg:pypi/ansible@2.10.11rc1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.10.11rc1
3
url pkg:pypi/ansible@2.11.2rc1
purl pkg:pypi/ansible@2.11.2rc1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.11.2rc1
4
url pkg:pypi/ansible@3.0.0b1
purl pkg:pypi/ansible@3.0.0b1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4yvf-k192-9fca
1
vulnerability VCID-qbdk-hxhg-wbh4
2
vulnerability VCID-ujbp-cc1r-wfe9
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@3.0.0b1
aliases CVE-2021-3583, GHSA-2pfh-q76x-gwvm, PYSEC-2021-358
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-axc3-wcsk-q3eg
4
url VCID-c1xg-s3kx-gkft
vulnerability_id VCID-c1xg-s3kx-gkft
summary A flaw was found in Ansible Engine when a file is moved using atomic_move primitive as the file mode cannot be specified. This sets the destination files world-readable if the destination file does not exist and if the file exists, the file could be changed to have less restrictive permissions before the move. This could lead to the disclosure of sensitive data. All versions in 2.7.x, 2.8.x and 2.9.x branches are believed to be vulnerable.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1736.json
reference_id
reference_type
scores
0
value 2.2
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1736.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-1736
reference_id
reference_type
scores
0
value 0.0004
scoring_system epss
scoring_elements 0.12184
published_at 2026-04-07T12:55:00Z
1
value 0.0004
scoring_system epss
scoring_elements 0.12221
published_at 2026-04-01T12:55:00Z
2
value 0.0004
scoring_system epss
scoring_elements 0.12337
published_at 2026-04-02T12:55:00Z
3
value 0.0004
scoring_system epss
scoring_elements 0.12383
published_at 2026-04-04T12:55:00Z
4
value 0.00045
scoring_system epss
scoring_elements 0.13875
published_at 2026-04-11T12:55:00Z
5
value 0.00045
scoring_system epss
scoring_elements 0.13918
published_at 2026-04-09T12:55:00Z
6
value 0.00045
scoring_system epss
scoring_elements 0.13866
published_at 2026-04-08T12:55:00Z
7
value 0.00045
scoring_system epss
scoring_elements 0.13695
published_at 2026-04-18T12:55:00Z
8
value 0.00045
scoring_system epss
scoring_elements 0.137
published_at 2026-04-16T12:55:00Z
9
value 0.00045
scoring_system epss
scoring_elements 0.13791
published_at 2026-04-13T12:55:00Z
10
value 0.00045
scoring_system epss
scoring_elements 0.13839
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-1736
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1736
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1736
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1736
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1736
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 2.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://github.com/advisories/GHSA-x7jh-595q-wq82
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-x7jh-595q-wq82
6
reference_url https://github.com/ansible/ansible
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible
7
reference_url https://github.com/ansible/ansible/issues/67794
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/issues/67794
8
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2020-8.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2020-8.yaml
9
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2NYYQP2XJB2TTRP6AKWVMBSPB2DFJNKD/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2NYYQP2XJB2TTRP6AKWVMBSPB2DFJNKD/
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BPNZWBAUP4ZHUR6PO7U6ZXEKNCX62KZ7/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BPNZWBAUP4ZHUR6PO7U6ZXEKNCX62KZ7/
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2NYYQP2XJB2TTRP6AKWVMBSPB2DFJNKD
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2NYYQP2XJB2TTRP6AKWVMBSPB2DFJNKD
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2NYYQP2XJB2TTRP6AKWVMBSPB2DFJNKD/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2NYYQP2XJB2TTRP6AKWVMBSPB2DFJNKD/
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BPNZWBAUP4ZHUR6PO7U6ZXEKNCX62KZ7
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BPNZWBAUP4ZHUR6PO7U6ZXEKNCX62KZ7
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BPNZWBAUP4ZHUR6PO7U6ZXEKNCX62KZ7/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BPNZWBAUP4ZHUR6PO7U6ZXEKNCX62KZ7/
15
reference_url https://security.gentoo.org/glsa/202006-11
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202006-11
16
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1802124
reference_id 1802124
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1802124
17
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=966663
reference_id 966663
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=966663
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:ansible:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible:*:*:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_tower:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:ansible_tower:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_tower:*:*:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:cloudforms_management_engine:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:cloudforms_management_engine:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:cloudforms_management_engine:5.0:*:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-1736
reference_id CVE-2020-1736
reference_type
scores
0
value 2.1
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:N/C:P/I:N/A:N
1
value 2.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N
2
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
3
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
4
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-1736
25
reference_url https://access.redhat.com/errata/RHSA-2020:3600
reference_id RHSA-2020:3600
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3600
fixed_packages
0
url pkg:pypi/ansible@2.8.9
purl pkg:pypi/ansible@2.8.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4yvf-k192-9fca
1
vulnerability VCID-682j-e2pu-1uee
2
vulnerability VCID-atun-stks-4kcb
3
vulnerability VCID-axc3-wcsk-q3eg
4
vulnerability VCID-b8zs-br97-57av
5
vulnerability VCID-c1xg-s3kx-gkft
6
vulnerability VCID-d7ez-s7qb-p3ay
7
vulnerability VCID-dzdx-wae5-8ydy
8
vulnerability VCID-e3z2-ydhb-gqfg
9
vulnerability VCID-ezaq-tqd3-4yd1
10
vulnerability VCID-ezux-6buh-h7h7
11
vulnerability VCID-fj2p-7wkh-1fhq
12
vulnerability VCID-geaa-6dxx-tbcw
13
vulnerability VCID-h1n3-cmte-eugf
14
vulnerability VCID-hqar-fca3-cbht
15
vulnerability VCID-jrxz-b168-7ug4
16
vulnerability VCID-js7k-ptm9-2yh1
17
vulnerability VCID-qbdk-hxhg-wbh4
18
vulnerability VCID-rdwq-93d6-c7b4
19
vulnerability VCID-rg5d-st3d-nbah
20
vulnerability VCID-ujbp-cc1r-wfe9
21
vulnerability VCID-v3h9-1t69-v7a3
22
vulnerability VCID-whyk-3ynn-zyf4
23
vulnerability VCID-x94k-nxyd-27gs
24
vulnerability VCID-xg2f-12w4-yqge
25
vulnerability VCID-xw8r-fn6y-mbhp
26
vulnerability VCID-yeea-n94x-qqch
27
vulnerability VCID-yur3-am6j-w7ay
28
vulnerability VCID-zzzs-scbg-bbe9
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.9
1
url pkg:pypi/ansible@2.9.6
purl pkg:pypi/ansible@2.9.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3jej-4jyp-cqbt
1
vulnerability VCID-4yvf-k192-9fca
2
vulnerability VCID-682j-e2pu-1uee
3
vulnerability VCID-atun-stks-4kcb
4
vulnerability VCID-axc3-wcsk-q3eg
5
vulnerability VCID-b8zs-br97-57av
6
vulnerability VCID-c1xg-s3kx-gkft
7
vulnerability VCID-d7ez-s7qb-p3ay
8
vulnerability VCID-dzdx-wae5-8ydy
9
vulnerability VCID-e3z2-ydhb-gqfg
10
vulnerability VCID-ezaq-tqd3-4yd1
11
vulnerability VCID-ezux-6buh-h7h7
12
vulnerability VCID-fj2p-7wkh-1fhq
13
vulnerability VCID-geaa-6dxx-tbcw
14
vulnerability VCID-h1n3-cmte-eugf
15
vulnerability VCID-hqar-fca3-cbht
16
vulnerability VCID-jrxz-b168-7ug4
17
vulnerability VCID-js7k-ptm9-2yh1
18
vulnerability VCID-qbdk-hxhg-wbh4
19
vulnerability VCID-rdwq-93d6-c7b4
20
vulnerability VCID-rg5d-st3d-nbah
21
vulnerability VCID-ujbp-cc1r-wfe9
22
vulnerability VCID-v3h9-1t69-v7a3
23
vulnerability VCID-whyk-3ynn-zyf4
24
vulnerability VCID-xg2f-12w4-yqge
25
vulnerability VCID-xw8r-fn6y-mbhp
26
vulnerability VCID-yeea-n94x-qqch
27
vulnerability VCID-yur3-am6j-w7ay
28
vulnerability VCID-zzzs-scbg-bbe9
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.6
2
url pkg:pypi/ansible@2.10.1
purl pkg:pypi/ansible@2.10.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jy6-eqpn-wbce
1
vulnerability VCID-4yvf-k192-9fca
2
vulnerability VCID-682j-e2pu-1uee
3
vulnerability VCID-axc3-wcsk-q3eg
4
vulnerability VCID-e3z2-ydhb-gqfg
5
vulnerability VCID-qbdk-hxhg-wbh4
6
vulnerability VCID-ujbp-cc1r-wfe9
7
vulnerability VCID-xw8r-fn6y-mbhp
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.10.1
aliases CVE-2020-1736, GHSA-x7jh-595q-wq82, PYSEC-2020-8
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c1xg-s3kx-gkft
5
url VCID-dzdx-wae5-8ydy
vulnerability_id VCID-dzdx-wae5-8ydy
summary 
Ansible leaks password to logs
A flaw was found in Ansible in the amazon.aws collection when using the `tower_callback` parameter from the `amazon.aws.ec2_instance` module. This flaw allows an attacker to take advantage of this issue as the module is handling the parameter insecurely, leading to the password leaking in the logs.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3697.json
reference_id
reference_type
scores
0
value 5.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3697.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-3697
reference_id
reference_type
scores
0
value 0.00191
scoring_system epss
scoring_elements 0.41039
published_at 2026-04-04T12:55:00Z
1
value 0.00191
scoring_system epss
scoring_elements 0.41008
published_at 2026-04-02T12:55:00Z
2
value 0.00216
scoring_system epss
scoring_elements 0.44243
published_at 2026-04-18T12:55:00Z
3
value 0.00216
scoring_system epss
scoring_elements 0.44152
published_at 2026-04-07T12:55:00Z
4
value 0.00216
scoring_system epss
scoring_elements 0.44203
published_at 2026-04-08T12:55:00Z
5
value 0.00216
scoring_system epss
scoring_elements 0.44207
published_at 2026-04-09T12:55:00Z
6
value 0.00216
scoring_system epss
scoring_elements 0.44224
published_at 2026-04-11T12:55:00Z
7
value 0.00216
scoring_system epss
scoring_elements 0.44191
published_at 2026-04-12T12:55:00Z
8
value 0.00216
scoring_system epss
scoring_elements 0.44192
published_at 2026-04-13T12:55:00Z
9
value 0.00216
scoring_system epss
scoring_elements 0.44253
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-3697
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3697
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3697
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/ansible/ansible
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible
5
reference_url https://github.com/ansible/ansible/pull/35749
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/pull/35749
6
reference_url https://github.com/ansible-collections/amazon.aws/pull/1199
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ansible-collections/amazon.aws/pull/1199
7
reference_url https://github.com/ansible-community/ansible-build-data/blob/main/6/CHANGELOG-v6.rst
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ansible-community/ansible-build-data/blob/main/6/CHANGELOG-v6.rst
8
reference_url https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-3697
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-3697
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2137664
reference_id 2137664
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2137664
11
reference_url https://github.com/advisories/GHSA-cpx3-93w7-457x
reference_id GHSA-cpx3-93w7-457x
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-cpx3-93w7-457x
12
reference_url https://usn.ubuntu.com/6846-1/
reference_id USN-6846-1
reference_type
scores
url https://usn.ubuntu.com/6846-1/
fixed_packages
0
url pkg:pypi/ansible@2.10.0
purl pkg:pypi/ansible@2.10.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4yvf-k192-9fca
1
vulnerability VCID-682j-e2pu-1uee
2
vulnerability VCID-axc3-wcsk-q3eg
3
vulnerability VCID-c1xg-s3kx-gkft
4
vulnerability VCID-e3z2-ydhb-gqfg
5
vulnerability VCID-qbdk-hxhg-wbh4
6
vulnerability VCID-rg5d-st3d-nbah
7
vulnerability VCID-ujbp-cc1r-wfe9
8
vulnerability VCID-xw8r-fn6y-mbhp
9
vulnerability VCID-yeea-n94x-qqch
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.10.0
1
url pkg:pypi/ansible@7.0.0
purl pkg:pypi/ansible@7.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qbdk-hxhg-wbh4
1
vulnerability VCID-ujbp-cc1r-wfe9
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@7.0.0
aliases CVE-2022-3697, GHSA-cpx3-93w7-457x
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dzdx-wae5-8ydy
6
url VCID-e3z2-ydhb-gqfg
vulnerability_id VCID-e3z2-ydhb-gqfg
summary A flaw was found in the Ansible Engine 2.9.18, where sensitive info is not masked by default and is not protected by the no_log feature when using the sub-option feature of the basic.py module. This flaw allows an attacker to obtain sensitive information. The highest threat from this vulnerability is to confidentiality.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20228.json
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20228.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-20228
reference_id
reference_type
scores
0
value 0.00149
scoring_system epss
scoring_elements 0.35424
published_at 2026-04-18T12:55:00Z
1
value 0.00149
scoring_system epss
scoring_elements 0.35436
published_at 2026-04-16T12:55:00Z
2
value 0.00149
scoring_system epss
scoring_elements 0.35396
published_at 2026-04-13T12:55:00Z
3
value 0.00149
scoring_system epss
scoring_elements 0.3542
published_at 2026-04-12T12:55:00Z
4
value 0.00149
scoring_system epss
scoring_elements 0.35276
published_at 2026-04-01T12:55:00Z
5
value 0.00149
scoring_system epss
scoring_elements 0.35454
published_at 2026-04-09T12:55:00Z
6
value 0.00149
scoring_system epss
scoring_elements 0.35429
published_at 2026-04-08T12:55:00Z
7
value 0.00149
scoring_system epss
scoring_elements 0.35383
published_at 2026-04-07T12:55:00Z
8
value 0.00149
scoring_system epss
scoring_elements 0.355
published_at 2026-04-04T12:55:00Z
9
value 0.00149
scoring_system epss
scoring_elements 0.35475
published_at 2026-04-02T12:55:00Z
10
value 0.00149
scoring_system epss
scoring_elements 0.35463
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-20228
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1925002
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1925002
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10156
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10156
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10206
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10206
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14846
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14846
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14864
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14864
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14904
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14904
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10684
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10684
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10685
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10685
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10729
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10729
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14330
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14330
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14332
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14332
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14365
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14365
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1733
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1733
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1735
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1735
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1739
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1739
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1740
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1740
18
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1746
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1746
19
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1753
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1753
20
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20228
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20228
21
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
22
reference_url https://github.com/advisories/GHSA-5rrg-rr89-x9mv
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-5rrg-rr89-x9mv
23
reference_url https://github.com/ansible/ansible
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible
24
reference_url https://github.com/ansible/ansible/commit/49ebd509df9de1c1fc1bcee00e79a835dd00662c
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/49ebd509df9de1c1fc1bcee00e79a835dd00662c
25
reference_url https://github.com/ansible/ansible/commit/e41d1f0a3fd6c466192e7e24accd3d1c6501111b
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/e41d1f0a3fd6c466192e7e24accd3d1c6501111b
26
reference_url https://github.com/ansible/ansible/commit/f8ff395d817c3eddc050f809919c15dfb5796120
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/f8ff395d817c3eddc050f809919c15dfb5796120
27
reference_url https://github.com/ansible/ansible/pull/73487
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/pull/73487
28
reference_url https://github.com/ansible/ansible/pull/73492
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/pull/73492
29
reference_url https://github.com/ansible/ansible/pull/73493
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/pull/73493
30
reference_url https://github.com/ansible/ansible/pull/73494
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/pull/73494
31
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2021-1.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2021-1.yaml
32
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-20228
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-20228
33
reference_url https://www.debian.org/security/2021/dsa-4950
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2021/dsa-4950
34
reference_url https://access.redhat.com/errata/RHSA-2021:0663
reference_id RHSA-2021:0663
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0663
35
reference_url https://access.redhat.com/errata/RHSA-2021:0664
reference_id RHSA-2021:0664
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0664
36
reference_url https://access.redhat.com/errata/RHSA-2021:1079
reference_id RHSA-2021:1079
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:1079
37
reference_url https://access.redhat.com/errata/RHSA-2021:2180
reference_id RHSA-2021:2180
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2180
fixed_packages
0
url pkg:pypi/ansible@2.8.19rc1
purl pkg:pypi/ansible@2.8.19rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4yvf-k192-9fca
1
vulnerability VCID-682j-e2pu-1uee
2
vulnerability VCID-atun-stks-4kcb
3
vulnerability VCID-axc3-wcsk-q3eg
4
vulnerability VCID-c1xg-s3kx-gkft
5
vulnerability VCID-dzdx-wae5-8ydy
6
vulnerability VCID-e3z2-ydhb-gqfg
7
vulnerability VCID-fj2p-7wkh-1fhq
8
vulnerability VCID-geaa-6dxx-tbcw
9
vulnerability VCID-js7k-ptm9-2yh1
10
vulnerability VCID-qbdk-hxhg-wbh4
11
vulnerability VCID-rdwq-93d6-c7b4
12
vulnerability VCID-rg5d-st3d-nbah
13
vulnerability VCID-ujbp-cc1r-wfe9
14
vulnerability VCID-v3h9-1t69-v7a3
15
vulnerability VCID-x94k-nxyd-27gs
16
vulnerability VCID-xw8r-fn6y-mbhp
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.19rc1
1
url pkg:pypi/ansible@2.9.1
purl pkg:pypi/ansible@2.9.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3jej-4jyp-cqbt
1
vulnerability VCID-4yvf-k192-9fca
2
vulnerability VCID-682j-e2pu-1uee
3
vulnerability VCID-a49n-tvnt-p3df
4
vulnerability VCID-ae1r-yq1g-rkem
5
vulnerability VCID-atun-stks-4kcb
6
vulnerability VCID-axc3-wcsk-q3eg
7
vulnerability VCID-b8zs-br97-57av
8
vulnerability VCID-c1xg-s3kx-gkft
9
vulnerability VCID-d4ka-dk4p-kfhb
10
vulnerability VCID-d7ez-s7qb-p3ay
11
vulnerability VCID-dzdx-wae5-8ydy
12
vulnerability VCID-e3z2-ydhb-gqfg
13
vulnerability VCID-ezaq-tqd3-4yd1
14
vulnerability VCID-ezux-6buh-h7h7
15
vulnerability VCID-fj2p-7wkh-1fhq
16
vulnerability VCID-geaa-6dxx-tbcw
17
vulnerability VCID-h1n3-cmte-eugf
18
vulnerability VCID-hqar-fca3-cbht
19
vulnerability VCID-jrxz-b168-7ug4
20
vulnerability VCID-js7k-ptm9-2yh1
21
vulnerability VCID-qbdk-hxhg-wbh4
22
vulnerability VCID-rdwq-93d6-c7b4
23
vulnerability VCID-rg5d-st3d-nbah
24
vulnerability VCID-tdp4-h4ht-pqhs
25
vulnerability VCID-uhg5-zpzt-e3gz
26
vulnerability VCID-ujbp-cc1r-wfe9
27
vulnerability VCID-v3h9-1t69-v7a3
28
vulnerability VCID-whyk-3ynn-zyf4
29
vulnerability VCID-x94k-nxyd-27gs
30
vulnerability VCID-xg2f-12w4-yqge
31
vulnerability VCID-xw8r-fn6y-mbhp
32
vulnerability VCID-yeea-n94x-qqch
33
vulnerability VCID-yur3-am6j-w7ay
34
vulnerability VCID-zzzs-scbg-bbe9
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.1
2
url pkg:pypi/ansible@2.9.18rc1
purl pkg:pypi/ansible@2.9.18rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4yvf-k192-9fca
1
vulnerability VCID-682j-e2pu-1uee
2
vulnerability VCID-atun-stks-4kcb
3
vulnerability VCID-axc3-wcsk-q3eg
4
vulnerability VCID-c1xg-s3kx-gkft
5
vulnerability VCID-dzdx-wae5-8ydy
6
vulnerability VCID-e3z2-ydhb-gqfg
7
vulnerability VCID-fj2p-7wkh-1fhq
8
vulnerability VCID-geaa-6dxx-tbcw
9
vulnerability VCID-js7k-ptm9-2yh1
10
vulnerability VCID-qbdk-hxhg-wbh4
11
vulnerability VCID-rg5d-st3d-nbah
12
vulnerability VCID-ujbp-cc1r-wfe9
13
vulnerability VCID-v3h9-1t69-v7a3
14
vulnerability VCID-xw8r-fn6y-mbhp
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.18rc1
3
url pkg:pypi/ansible@2.9.19rc1
purl pkg:pypi/ansible@2.9.19rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4yvf-k192-9fca
1
vulnerability VCID-682j-e2pu-1uee
2
vulnerability VCID-axc3-wcsk-q3eg
3
vulnerability VCID-c1xg-s3kx-gkft
4
vulnerability VCID-dzdx-wae5-8ydy
5
vulnerability VCID-e3z2-ydhb-gqfg
6
vulnerability VCID-geaa-6dxx-tbcw
7
vulnerability VCID-qbdk-hxhg-wbh4
8
vulnerability VCID-rg5d-st3d-nbah
9
vulnerability VCID-ujbp-cc1r-wfe9
10
vulnerability VCID-v3h9-1t69-v7a3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.19rc1
4
url pkg:pypi/ansible@2.9.19
purl pkg:pypi/ansible@2.9.19
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4yvf-k192-9fca
1
vulnerability VCID-682j-e2pu-1uee
2
vulnerability VCID-axc3-wcsk-q3eg
3
vulnerability VCID-c1xg-s3kx-gkft
4
vulnerability VCID-dzdx-wae5-8ydy
5
vulnerability VCID-geaa-6dxx-tbcw
6
vulnerability VCID-qbdk-hxhg-wbh4
7
vulnerability VCID-rg5d-st3d-nbah
8
vulnerability VCID-ujbp-cc1r-wfe9
9
vulnerability VCID-v3h9-1t69-v7a3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.19
5
url pkg:pypi/ansible@2.10.6rc1
purl pkg:pypi/ansible@2.10.6rc1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.10.6rc1
6
url pkg:pypi/ansible@2.10.6
purl pkg:pypi/ansible@2.10.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4yvf-k192-9fca
1
vulnerability VCID-682j-e2pu-1uee
2
vulnerability VCID-axc3-wcsk-q3eg
3
vulnerability VCID-qbdk-hxhg-wbh4
4
vulnerability VCID-ujbp-cc1r-wfe9
5
vulnerability VCID-xw8r-fn6y-mbhp
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.10.6
aliases CVE-2021-20228, GHSA-5rrg-rr89-x9mv, PYSEC-2021-1
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e3z2-ydhb-gqfg
7
url VCID-fj2p-7wkh-1fhq
vulnerability_id VCID-fj2p-7wkh-1fhq
summary A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucket_pipeline_variable module. This flaw allows an attacker to steal bitbucket_pipeline credentials. The highest threat from this vulnerability is to confidentiality.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20178.json
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20178.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-20178
reference_id
reference_type
scores
0
value 0.00044
scoring_system epss
scoring_elements 0.13294
published_at 2026-04-18T12:55:00Z
1
value 0.00044
scoring_system epss
scoring_elements 0.13388
published_at 2026-04-13T12:55:00Z
2
value 0.00044
scoring_system epss
scoring_elements 0.13435
published_at 2026-04-12T12:55:00Z
3
value 0.00044
scoring_system epss
scoring_elements 0.13471
published_at 2026-04-11T12:55:00Z
4
value 0.00044
scoring_system epss
scoring_elements 0.13498
published_at 2026-04-09T12:55:00Z
5
value 0.00044
scoring_system epss
scoring_elements 0.13448
published_at 2026-04-08T12:55:00Z
6
value 0.00044
scoring_system epss
scoring_elements 0.13367
published_at 2026-04-07T12:55:00Z
7
value 0.00044
scoring_system epss
scoring_elements 0.13571
published_at 2026-04-04T12:55:00Z
8
value 0.00044
scoring_system epss
scoring_elements 0.1351
published_at 2026-04-02T12:55:00Z
9
value 0.00044
scoring_system epss
scoring_elements 0.13411
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-20178
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1914774
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1914774
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20178
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20178
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://github.com/advisories/GHSA-wv5p-gmmv-wh9v
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-wv5p-gmmv-wh9v
6
reference_url https://github.com/ansible/ansible/blob/v2.9.18/changelogs/CHANGELOG-v2.9.rst#security-fixes
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/blob/v2.9.18/changelogs/CHANGELOG-v2.9.rst#security-fixes
7
reference_url https://github.com/ansible/ansible/blob/v2.9.18/changelogs/CHANGELOG-v2.9.rst#security-fixes,
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/blob/v2.9.18/changelogs/CHANGELOG-v2.9.rst#security-fixes,
8
reference_url https://github.com/ansible/ansible/blob/v2.9.18/changelogs/CHANGELOG-v2.9.rst#security-fixes%2C
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/blob/v2.9.18/changelogs/CHANGELOG-v2.9.rst#security-fixes%2C
9
reference_url https://github.com/ansible-collections/community.general/commit/1d0c5e2ba47724c31a18d7b08b9daf13df8829dc
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ansible-collections/community.general/commit/1d0c5e2ba47724c31a18d7b08b9daf13df8829dc
10
reference_url https://github.com/ansible-collections/community.general/pull/1635
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ansible-collections/community.general/pull/1635
11
reference_url https://github.com/ansible-collections/community.general/pull/1635,
reference_id
reference_type
scores
url https://github.com/ansible-collections/community.general/pull/1635,
12
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2021-106.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2021-106.yaml
13
reference_url https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUQ2QKAQA5OW2TY3ACZZMFIAJ2EQTG37
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUQ2QKAQA5OW2TY3ACZZMFIAJ2EQTG37
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HIU7QZUV73U6ZQ65VJWSFBTCALVXLH55
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HIU7QZUV73U6ZQ65VJWSFBTCALVXLH55
16
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUQ2QKAQA5OW2TY3ACZZMFIAJ2EQTG37
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUQ2QKAQA5OW2TY3ACZZMFIAJ2EQTG37
17
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUQ2QKAQA5OW2TY3ACZZMFIAJ2EQTG37/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUQ2QKAQA5OW2TY3ACZZMFIAJ2EQTG37/
18
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HIU7QZUV73U6ZQ65VJWSFBTCALVXLH55
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HIU7QZUV73U6ZQ65VJWSFBTCALVXLH55
19
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HIU7QZUV73U6ZQ65VJWSFBTCALVXLH55/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HIU7QZUV73U6ZQ65VJWSFBTCALVXLH55/
20
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-20178
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-20178
21
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985753
reference_id 985753
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985753
22
reference_url https://security.archlinux.org/ASA-202102-9
reference_id ASA-202102-9
reference_type
scores
url https://security.archlinux.org/ASA-202102-9
23
reference_url https://security.archlinux.org/AVG-1437
reference_id AVG-1437
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1437
24
reference_url https://access.redhat.com/errata/RHSA-2021:0663
reference_id RHSA-2021:0663
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0663
25
reference_url https://access.redhat.com/errata/RHSA-2021:0664
reference_id RHSA-2021:0664
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0664
26
reference_url https://access.redhat.com/errata/RHSA-2021:1079
reference_id RHSA-2021:1079
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:1079
27
reference_url https://access.redhat.com/errata/RHSA-2021:2180
reference_id RHSA-2021:2180
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2180
fixed_packages
0
url pkg:pypi/ansible@2.9.18
purl pkg:pypi/ansible@2.9.18
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4yvf-k192-9fca
1
vulnerability VCID-682j-e2pu-1uee
2
vulnerability VCID-axc3-wcsk-q3eg
3
vulnerability VCID-c1xg-s3kx-gkft
4
vulnerability VCID-dzdx-wae5-8ydy
5
vulnerability VCID-e3z2-ydhb-gqfg
6
vulnerability VCID-geaa-6dxx-tbcw
7
vulnerability VCID-qbdk-hxhg-wbh4
8
vulnerability VCID-rg5d-st3d-nbah
9
vulnerability VCID-ujbp-cc1r-wfe9
10
vulnerability VCID-v3h9-1t69-v7a3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.18
aliases CVE-2021-20178, GHSA-wv5p-gmmv-wh9v, PYSEC-2021-106
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fj2p-7wkh-1fhq
8
url VCID-geaa-6dxx-tbcw
vulnerability_id VCID-geaa-6dxx-tbcw
summary A flaw was found in Ansible Engine's ansible-connection module, where sensitive information such as the Ansible user credentials is disclosed by default in the traceback error message. The highest threat from this vulnerability is to confidentiality.
references
0
reference_url https://access.redhat.com/errata/RHSA-2021:3871
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2021:3871
1
reference_url https://access.redhat.com/errata/RHSA-2021:3872
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2021:3872
2
reference_url https://access.redhat.com/errata/RHSA-2021:3874
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2021:3874
3
reference_url https://access.redhat.com/errata/RHSA-2021:4703
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2021:4703
4
reference_url https://access.redhat.com/errata/RHSA-2021:4750
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2021:4750
5
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3620.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3620.json
6
reference_url https://access.redhat.com/security/cve/CVE-2021-3620
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2021-3620
7
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-3620
reference_id
reference_type
scores
0
value 0.0029
scoring_system epss
scoring_elements 0.52455
published_at 2026-04-08T12:55:00Z
1
value 0.0029
scoring_system epss
scoring_elements 0.52449
published_at 2026-04-09T12:55:00Z
2
value 0.0029
scoring_system epss
scoring_elements 0.525
published_at 2026-04-11T12:55:00Z
3
value 0.0029
scoring_system epss
scoring_elements 0.52484
published_at 2026-04-12T12:55:00Z
4
value 0.0029
scoring_system epss
scoring_elements 0.52468
published_at 2026-04-13T12:55:00Z
5
value 0.0029
scoring_system epss
scoring_elements 0.52508
published_at 2026-04-16T12:55:00Z
6
value 0.0029
scoring_system epss
scoring_elements 0.52514
published_at 2026-04-18T12:55:00Z
7
value 0.0029
scoring_system epss
scoring_elements 0.52364
published_at 2026-04-01T12:55:00Z
8
value 0.0029
scoring_system epss
scoring_elements 0.52437
published_at 2026-04-04T12:55:00Z
9
value 0.0029
scoring_system epss
scoring_elements 0.52402
published_at 2026-04-07T12:55:00Z
10
value 0.0029
scoring_system epss
scoring_elements 0.52409
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-3620
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1975767
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:09:25Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=1975767
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3620
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3620
10
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
11
reference_url https://github.com/advisories/GHSA-4r65-35qq-ch8j
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-4r65-35qq-ch8j
12
reference_url https://github.com/ansible/ansible
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible
13
reference_url https://github.com/ansible/ansible/blob/stable-2.9/changelogs/CHANGELOG-v2.9.rst#security-fixes
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:09:25Z/
url https://github.com/ansible/ansible/blob/stable-2.9/changelogs/CHANGELOG-v2.9.rst#security-fixes
14
reference_url https://github.com/ansible/ansible/commit/fe28767970c8ec62aabe493c46b53a5de1e5fac0
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:09:25Z/
url https://github.com/ansible/ansible/commit/fe28767970c8ec62aabe493c46b53a5de1e5fac0
15
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2022-164.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2022-164.yaml
16
reference_url https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:09:25Z/
url https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html
17
reference_url https://security.archlinux.org/AVG-1941
reference_id AVG-1941
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1941
18
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-3620
reference_id CVE-2021-3620
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-3620
19
reference_url https://usn.ubuntu.com/USN-5315-1/
reference_id USN-USN-5315-1
reference_type
scores
url https://usn.ubuntu.com/USN-5315-1/
fixed_packages
0
url pkg:pypi/ansible@2.9.27
purl pkg:pypi/ansible@2.9.27
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4yvf-k192-9fca
1
vulnerability VCID-682j-e2pu-1uee
2
vulnerability VCID-c1xg-s3kx-gkft
3
vulnerability VCID-dzdx-wae5-8ydy
4
vulnerability VCID-qbdk-hxhg-wbh4
5
vulnerability VCID-rg5d-st3d-nbah
6
vulnerability VCID-ujbp-cc1r-wfe9
7
vulnerability VCID-v3h9-1t69-v7a3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.27
aliases CVE-2021-3620, GHSA-4r65-35qq-ch8j, PYSEC-2022-164
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-geaa-6dxx-tbcw
9
url VCID-jnmu-c8dt-5yb6
vulnerability_id VCID-jnmu-c8dt-5yb6
summary A vulnerability was found in Ansible engine 2.x up to 2.8 and Ansible tower 3.x up to 3.5. When a module has an argument_spec with sub parameters marked as no_log, passing an invalid parameter name to the module will cause the task to fail before the no_log options in the sub parameters are processed. As a result, data in the sub parameter fields will not be masked and will be displayed if Ansible is run with increased verbosity and present in the module invocation arguments for the task.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00021.html
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00021.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00026.html
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00026.html
2
reference_url https://access.redhat.com/errata/RHSA-2019:3201
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:3201
3
reference_url https://access.redhat.com/errata/RHSA-2019:3202
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:3202
4
reference_url https://access.redhat.com/errata/RHSA-2019:3203
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:3203
5
reference_url https://access.redhat.com/errata/RHSA-2019:3207
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:3207
6
reference_url https://access.redhat.com/errata/RHSA-2020:0756
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2020:0756
7
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14858.json
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14858.json
8
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-14858
reference_id
reference_type
scores
0
value 0.00059
scoring_system epss
scoring_elements 0.18387
published_at 2026-04-18T12:55:00Z
1
value 0.00059
scoring_system epss
scoring_elements 0.18479
published_at 2026-04-01T12:55:00Z
2
value 0.00059
scoring_system epss
scoring_elements 0.18624
published_at 2026-04-02T12:55:00Z
3
value 0.00059
scoring_system epss
scoring_elements 0.18679
published_at 2026-04-04T12:55:00Z
4
value 0.00059
scoring_system epss
scoring_elements 0.18394
published_at 2026-04-07T12:55:00Z
5
value 0.00059
scoring_system epss
scoring_elements 0.18475
published_at 2026-04-08T12:55:00Z
6
value 0.00059
scoring_system epss
scoring_elements 0.18528
published_at 2026-04-09T12:55:00Z
7
value 0.00059
scoring_system epss
scoring_elements 0.18529
published_at 2026-04-11T12:55:00Z
8
value 0.00059
scoring_system epss
scoring_elements 0.18481
published_at 2026-04-12T12:55:00Z
9
value 0.00059
scoring_system epss
scoring_elements 0.1843
published_at 2026-04-13T12:55:00Z
10
value 0.00059
scoring_system epss
scoring_elements 0.18374
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-14858
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14858
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14858
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14858
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14858
11
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 2.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
12
reference_url https://github.com/ansible/ansible
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible
13
reference_url https://github.com/ansible/ansible/commit/0fd656e9964a91f2e8b1e9bbf78c74661ab9d37b
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/0fd656e9964a91f2e8b1e9bbf78c74661ab9d37b
14
reference_url https://github.com/ansible/ansible/commit/3dfb8e81bb5f776a6b00c7a90dd087e85b71f8bb
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/3dfb8e81bb5f776a6b00c7a90dd087e85b71f8bb
15
reference_url https://github.com/ansible/ansible/commit/87f8d77d70476454f7fe2381bd363a329ce4266c
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/87f8d77d70476454f7fe2381bd363a329ce4266c
16
reference_url https://github.com/ansible/ansible/commit/f610ed3a4eb87eb557200606279796921fa9b722
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/f610ed3a4eb87eb557200606279796921fa9b722
17
reference_url https://github.com/ansible/ansible/pull/63405
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/pull/63405
18
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2019-171.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2019-171.yaml
19
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-14858
reference_id
reference_type
scores
0
value 2.1
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:N/C:P/I:N/A:N
1
value 7.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
2
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
3
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
4
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-14858
20
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1760593
reference_id 1760593
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1760593
21
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942332
reference_id 942332
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942332
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_engine:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:ansible_engine:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_engine:*:*:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_tower:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:ansible_tower:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_tower:*:*:*:*:*:*:*:*
24
reference_url https://github.com/advisories/GHSA-h653-95qw-h2mp
reference_id GHSA-h653-95qw-h2mp
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-h653-95qw-h2mp
fixed_packages
0
url pkg:pypi/ansible@2.8.1
purl pkg:pypi/ansible@2.8.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4yvf-k192-9fca
1
vulnerability VCID-682j-e2pu-1uee
2
vulnerability VCID-7uu9-tj6b-quf6
3
vulnerability VCID-a49n-tvnt-p3df
4
vulnerability VCID-ae1r-yq1g-rkem
5
vulnerability VCID-atun-stks-4kcb
6
vulnerability VCID-axc3-wcsk-q3eg
7
vulnerability VCID-b8zs-br97-57av
8
vulnerability VCID-c1xg-s3kx-gkft
9
vulnerability VCID-ckt2-us5z-pyef
10
vulnerability VCID-d4ka-dk4p-kfhb
11
vulnerability VCID-d7ez-s7qb-p3ay
12
vulnerability VCID-dagf-buer-4ffr
13
vulnerability VCID-dzdx-wae5-8ydy
14
vulnerability VCID-e3z2-ydhb-gqfg
15
vulnerability VCID-ezaq-tqd3-4yd1
16
vulnerability VCID-ezux-6buh-h7h7
17
vulnerability VCID-fj2p-7wkh-1fhq
18
vulnerability VCID-geaa-6dxx-tbcw
19
vulnerability VCID-h1n3-cmte-eugf
20
vulnerability VCID-hqar-fca3-cbht
21
vulnerability VCID-jnmu-c8dt-5yb6
22
vulnerability VCID-jrxz-b168-7ug4
23
vulnerability VCID-js7k-ptm9-2yh1
24
vulnerability VCID-kb5h-116p-33b4
25
vulnerability VCID-nukv-kkws-xkb1
26
vulnerability VCID-qbdk-hxhg-wbh4
27
vulnerability VCID-rdwq-93d6-c7b4
28
vulnerability VCID-rg5d-st3d-nbah
29
vulnerability VCID-swpr-3qae-d7fe
30
vulnerability VCID-t6db-buke-nfhf
31
vulnerability VCID-tdp4-h4ht-pqhs
32
vulnerability VCID-uhg5-zpzt-e3gz
33
vulnerability VCID-ujbp-cc1r-wfe9
34
vulnerability VCID-v3h9-1t69-v7a3
35
vulnerability VCID-whyk-3ynn-zyf4
36
vulnerability VCID-x5e2-7whc-v3fc
37
vulnerability VCID-x94k-nxyd-27gs
38
vulnerability VCID-xg2f-12w4-yqge
39
vulnerability VCID-xw8r-fn6y-mbhp
40
vulnerability VCID-yeea-n94x-qqch
41
vulnerability VCID-ykxk-6mpc-wkgt
42
vulnerability VCID-yur3-am6j-w7ay
43
vulnerability VCID-zzzs-scbg-bbe9
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.1
1
url pkg:pypi/ansible@2.8.6
purl pkg:pypi/ansible@2.8.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4yvf-k192-9fca
1
vulnerability VCID-682j-e2pu-1uee
2
vulnerability VCID-a49n-tvnt-p3df
3
vulnerability VCID-ae1r-yq1g-rkem
4
vulnerability VCID-atun-stks-4kcb
5
vulnerability VCID-axc3-wcsk-q3eg
6
vulnerability VCID-b8zs-br97-57av
7
vulnerability VCID-c1xg-s3kx-gkft
8
vulnerability VCID-d4ka-dk4p-kfhb
9
vulnerability VCID-d7ez-s7qb-p3ay
10
vulnerability VCID-dagf-buer-4ffr
11
vulnerability VCID-dzdx-wae5-8ydy
12
vulnerability VCID-e3z2-ydhb-gqfg
13
vulnerability VCID-ezaq-tqd3-4yd1
14
vulnerability VCID-ezux-6buh-h7h7
15
vulnerability VCID-fj2p-7wkh-1fhq
16
vulnerability VCID-geaa-6dxx-tbcw
17
vulnerability VCID-h1n3-cmte-eugf
18
vulnerability VCID-hqar-fca3-cbht
19
vulnerability VCID-jrxz-b168-7ug4
20
vulnerability VCID-js7k-ptm9-2yh1
21
vulnerability VCID-qbdk-hxhg-wbh4
22
vulnerability VCID-rdwq-93d6-c7b4
23
vulnerability VCID-rg5d-st3d-nbah
24
vulnerability VCID-tdp4-h4ht-pqhs
25
vulnerability VCID-uhg5-zpzt-e3gz
26
vulnerability VCID-ujbp-cc1r-wfe9
27
vulnerability VCID-v3h9-1t69-v7a3
28
vulnerability VCID-whyk-3ynn-zyf4
29
vulnerability VCID-x94k-nxyd-27gs
30
vulnerability VCID-xg2f-12w4-yqge
31
vulnerability VCID-xw8r-fn6y-mbhp
32
vulnerability VCID-yeea-n94x-qqch
33
vulnerability VCID-yur3-am6j-w7ay
34
vulnerability VCID-zzzs-scbg-bbe9
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.6
2
url pkg:pypi/ansible@2.9.0rc4
purl pkg:pypi/ansible@2.9.0rc4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3jej-4jyp-cqbt
1
vulnerability VCID-4yvf-k192-9fca
2
vulnerability VCID-682j-e2pu-1uee
3
vulnerability VCID-a49n-tvnt-p3df
4
vulnerability VCID-ae1r-yq1g-rkem
5
vulnerability VCID-atun-stks-4kcb
6
vulnerability VCID-axc3-wcsk-q3eg
7
vulnerability VCID-b8zs-br97-57av
8
vulnerability VCID-c1xg-s3kx-gkft
9
vulnerability VCID-d4ka-dk4p-kfhb
10
vulnerability VCID-d7ez-s7qb-p3ay
11
vulnerability VCID-dzdx-wae5-8ydy
12
vulnerability VCID-e3z2-ydhb-gqfg
13
vulnerability VCID-ezaq-tqd3-4yd1
14
vulnerability VCID-ezux-6buh-h7h7
15
vulnerability VCID-fj2p-7wkh-1fhq
16
vulnerability VCID-geaa-6dxx-tbcw
17
vulnerability VCID-h1n3-cmte-eugf
18
vulnerability VCID-hqar-fca3-cbht
19
vulnerability VCID-jrxz-b168-7ug4
20
vulnerability VCID-js7k-ptm9-2yh1
21
vulnerability VCID-qbdk-hxhg-wbh4
22
vulnerability VCID-rdwq-93d6-c7b4
23
vulnerability VCID-rg5d-st3d-nbah
24
vulnerability VCID-uhg5-zpzt-e3gz
25
vulnerability VCID-ujbp-cc1r-wfe9
26
vulnerability VCID-v3h9-1t69-v7a3
27
vulnerability VCID-whyk-3ynn-zyf4
28
vulnerability VCID-x94k-nxyd-27gs
29
vulnerability VCID-xg2f-12w4-yqge
30
vulnerability VCID-xw8r-fn6y-mbhp
31
vulnerability VCID-yeea-n94x-qqch
32
vulnerability VCID-yur3-am6j-w7ay
33
vulnerability VCID-zzzs-scbg-bbe9
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.0rc4
aliases CVE-2019-14858, GHSA-h653-95qw-h2mp, PYSEC-2019-171
risk_score 3.3
exploitability 0.5
weighted_severity 6.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jnmu-c8dt-5yb6
10
url VCID-js7k-ptm9-2yh1
vulnerability_id VCID-js7k-ptm9-2yh1
summary Ethereum 0xe933c0cd9784414d5f278c114904f5a84b396919#code.sol latest version is affected by a denial of service vulnerability in the affected payout function. Once the length of this array is too long, it will result in an exception. Attackers can make attacks by creating a series of account addresses.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-20178
reference_id
reference_type
scores
0
value 0.00389
scoring_system epss
scoring_elements 0.60021
published_at 2026-04-18T12:55:00Z
1
value 0.00389
scoring_system epss
scoring_elements 0.59852
published_at 2026-04-01T12:55:00Z
2
value 0.00389
scoring_system epss
scoring_elements 0.59928
published_at 2026-04-02T12:55:00Z
3
value 0.00389
scoring_system epss
scoring_elements 0.59954
published_at 2026-04-04T12:55:00Z
4
value 0.00389
scoring_system epss
scoring_elements 0.59924
published_at 2026-04-07T12:55:00Z
5
value 0.00389
scoring_system epss
scoring_elements 0.59974
published_at 2026-04-08T12:55:00Z
6
value 0.00389
scoring_system epss
scoring_elements 0.59987
published_at 2026-04-09T12:55:00Z
7
value 0.00389
scoring_system epss
scoring_elements 0.60008
published_at 2026-04-11T12:55:00Z
8
value 0.00389
scoring_system epss
scoring_elements 0.59993
published_at 2026-04-12T12:55:00Z
9
value 0.00389
scoring_system epss
scoring_elements 0.59975
published_at 2026-04-13T12:55:00Z
10
value 0.00389
scoring_system epss
scoring_elements 0.60014
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-20178
1
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1914774
reference_id
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1914774
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-20178
reference_id CVE-2020-20178
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2020-20178
fixed_packages
0
url pkg:pypi/ansible@2.9.18
purl pkg:pypi/ansible@2.9.18
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4yvf-k192-9fca
1
vulnerability VCID-682j-e2pu-1uee
2
vulnerability VCID-axc3-wcsk-q3eg
3
vulnerability VCID-c1xg-s3kx-gkft
4
vulnerability VCID-dzdx-wae5-8ydy
5
vulnerability VCID-e3z2-ydhb-gqfg
6
vulnerability VCID-geaa-6dxx-tbcw
7
vulnerability VCID-qbdk-hxhg-wbh4
8
vulnerability VCID-rg5d-st3d-nbah
9
vulnerability VCID-ujbp-cc1r-wfe9
10
vulnerability VCID-v3h9-1t69-v7a3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.18
aliases CVE-2020-20178
risk_score 1.9
exploitability 0.5
weighted_severity 3.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-js7k-ptm9-2yh1
11
url VCID-qbdk-hxhg-wbh4
vulnerability_id VCID-qbdk-hxhg-wbh4
summary 
Ansible Community General Collection is vulnerable to exposure of sensitive information
A flaw was found in ansible-collection-community-general. This vulnerability allows for information exposure (IE) of sensitive credentials, specifically plaintext passwords, via verbose output when running Ansible with debug modes. Attackers with access to logs could retrieve these secrets and potentially compromise Keycloak accounts or administrative access.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14010.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14010.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-14010
reference_id
reference_type
scores
0
value 0.00015
scoring_system epss
scoring_elements 0.03045
published_at 2026-04-04T12:55:00Z
1
value 0.00015
scoring_system epss
scoring_elements 0.03031
published_at 2026-04-02T12:55:00Z
2
value 0.00018
scoring_system epss
scoring_elements 0.04652
published_at 2026-04-18T12:55:00Z
3
value 0.00018
scoring_system epss
scoring_elements 0.04671
published_at 2026-04-07T12:55:00Z
4
value 0.00018
scoring_system epss
scoring_elements 0.04705
published_at 2026-04-08T12:55:00Z
5
value 0.00018
scoring_system epss
scoring_elements 0.04717
published_at 2026-04-09T12:55:00Z
6
value 0.00018
scoring_system epss
scoring_elements 0.0471
published_at 2026-04-11T12:55:00Z
7
value 0.00018
scoring_system epss
scoring_elements 0.04694
published_at 2026-04-12T12:55:00Z
8
value 0.00018
scoring_system epss
scoring_elements 0.04677
published_at 2026-04-13T12:55:00Z
9
value 0.00018
scoring_system epss
scoring_elements 0.04644
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-14010
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2418774
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-05T17:22:53Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2418774
3
reference_url https://github.com/ansible-collections/community.general
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible-collections/community.general
4
reference_url https://github.com/ansible-collections/community.general/commit/08e56bbb9b57740a879d3057d84cdb02a162b840
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible-collections/community.general/commit/08e56bbb9b57740a879d3057d84cdb02a162b840
5
reference_url https://github.com/ansible-collections/community.general/commit/54af64ad363efe280b34102d2637fe272c1f7320
reference_id
reference_type
scores
url https://github.com/ansible-collections/community.general/commit/54af64ad363efe280b34102d2637fe272c1f7320
6
reference_url https://github.com/ansible-collections/community.general/issues/11000
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible-collections/community.general/issues/11000
7
reference_url https://github.com/ansible-collections/community.general/pull/11005
reference_id
reference_type
scores
url https://github.com/ansible-collections/community.general/pull/11005
8
reference_url https://github.com/ansible-community/ansible-build-data/blob/12.2.0/12/CHANGELOG-v12.md#security-fixes
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible-community/ansible-build-data/blob/12.2.0/12/CHANGELOG-v12.md#security-fixes
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121951
reference_id 1121951
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121951
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:5
reference_id cpe:/a:redhat:ceph_storage:5
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:5
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:6
reference_id cpe:/a:redhat:ceph_storage:6
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:6
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:7
reference_id cpe:/a:redhat:ceph_storage:7
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:7
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:8
reference_id cpe:/a:redhat:ceph_storage:8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:8
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openstack:17.1
reference_id cpe:/a:redhat:openstack:17.1
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openstack:17.1
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openstack:18.0
reference_id cpe:/a:redhat:openstack:18.0
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openstack:18.0
16
reference_url https://access.redhat.com/security/cve/CVE-2025-14010
reference_id CVE-2025-14010
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-05T17:22:53Z/
url https://access.redhat.com/security/cve/CVE-2025-14010
17
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-14010
reference_id CVE-2025-14010
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-14010
18
reference_url https://github.com/advisories/GHSA-8ggh-xwr9-3373
reference_id GHSA-8ggh-xwr9-3373
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-8ggh-xwr9-3373
fixed_packages
0
url pkg:pypi/ansible@12.0.0
purl pkg:pypi/ansible@12.0.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@12.0.0
1
url pkg:pypi/ansible@12.2.0
purl pkg:pypi/ansible@12.2.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@12.2.0
aliases CVE-2025-14010, GHSA-8ggh-xwr9-3373
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qbdk-hxhg-wbh4
12
url VCID-r6bb-p28b-8fcn
vulnerability_id VCID-r6bb-p28b-8fcn
summary Execution of Ansible playbooks on Windows platforms with PowerShell ScriptBlock logging and Module logging enabled can allow for 'become' passwords to appear in EventLogs in plaintext. A local user with administrator privileges on the machine can view these logs and discover the plaintext password. Ansible Engine 2.8 and older are believed to be vulnerable.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00021.html
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00021.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00077.html
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00077.html
2
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00020.html
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00020.html
3
reference_url https://access.redhat.com/errata/RHSA-2018:3770
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:3770
4
reference_url https://access.redhat.com/errata/RHSA-2018:3771
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:3771
5
reference_url https://access.redhat.com/errata/RHSA-2018:3772
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:3772
6
reference_url https://access.redhat.com/errata/RHSA-2018:3773
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:3773
7
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16859.json
reference_id
reference_type
scores
0
value 4.2
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16859.json
8
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-16859
reference_id
reference_type
scores
0
value 0.00096
scoring_system epss
scoring_elements 0.26441
published_at 2026-04-18T12:55:00Z
1
value 0.00096
scoring_system epss
scoring_elements 0.26464
published_at 2026-04-13T12:55:00Z
2
value 0.00096
scoring_system epss
scoring_elements 0.26521
published_at 2026-04-12T12:55:00Z
3
value 0.00096
scoring_system epss
scoring_elements 0.26567
published_at 2026-04-11T12:55:00Z
4
value 0.00096
scoring_system epss
scoring_elements 0.2656
published_at 2026-04-09T12:55:00Z
5
value 0.00096
scoring_system epss
scoring_elements 0.26512
published_at 2026-04-08T12:55:00Z
6
value 0.00096
scoring_system epss
scoring_elements 0.26442
published_at 2026-04-07T12:55:00Z
7
value 0.00096
scoring_system epss
scoring_elements 0.26657
published_at 2026-04-04T12:55:00Z
8
value 0.00096
scoring_system epss
scoring_elements 0.26612
published_at 2026-04-02T12:55:00Z
9
value 0.00096
scoring_system epss
scoring_elements 0.26562
published_at 2026-04-01T12:55:00Z
10
value 0.00096
scoring_system epss
scoring_elements 0.2647
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-16859
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16859
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16859
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16859
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16859
11
reference_url https://cwe.mitre.org/data/definitions/200.html
reference_id
reference_type
scores
url https://cwe.mitre.org/data/definitions/200.html
12
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.2
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
13
reference_url https://github.com/ansible/ansible
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible
14
reference_url https://github.com/ansible/ansible/blob/v2.5.13/changelogs/CHANGELOG-v2.5.rst
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/blob/v2.5.13/changelogs/CHANGELOG-v2.5.rst
15
reference_url https://github.com/ansible/ansible/commit/0d746b4198abf84290a093b83cf02b4203d73d9f
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/0d746b4198abf84290a093b83cf02b4203d73d9f
16
reference_url https://github.com/ansible/ansible/commit/2f8d3fcf41107efafc14d51ab6e14531ca8f8c87
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/2f8d3fcf41107efafc14d51ab6e14531ca8f8c87
17
reference_url https://github.com/ansible/ansible/commit/4d748d34f9392aa469da00a85c8e2d5fe6cec52b
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/4d748d34f9392aa469da00a85c8e2d5fe6cec52b
18
reference_url https://github.com/ansible/ansible/commit/8c1f701e6e9df29fe991f98265e2dd76acca4b8c
reference_id
reference_type
scores
url https://github.com/ansible/ansible/commit/8c1f701e6e9df29fe991f98265e2dd76acca4b8c
19
reference_url https://github.com/ansible/ansible/pull/49142
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/pull/49142
20
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2018-60.yaml
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2018-60.yaml
21
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-16859
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-16859
22
reference_url https://web.archive.org/web/20200227102121/http://www.securityfocus.com/bid/106004
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200227102121/http://www.securityfocus.com/bid/106004
23
reference_url http://www.securityfocus.com/bid/106004
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/106004
24
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1649607
reference_id 1649607
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1649607
25
reference_url https://github.com/advisories/GHSA-v735-2pp6-h86r
reference_id GHSA-v735-2pp6-h86r
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-v735-2pp6-h86r
fixed_packages
0
url pkg:pypi/ansible@2.8.1
purl pkg:pypi/ansible@2.8.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4yvf-k192-9fca
1
vulnerability VCID-682j-e2pu-1uee
2
vulnerability VCID-7uu9-tj6b-quf6
3
vulnerability VCID-a49n-tvnt-p3df
4
vulnerability VCID-ae1r-yq1g-rkem
5
vulnerability VCID-atun-stks-4kcb
6
vulnerability VCID-axc3-wcsk-q3eg
7
vulnerability VCID-b8zs-br97-57av
8
vulnerability VCID-c1xg-s3kx-gkft
9
vulnerability VCID-ckt2-us5z-pyef
10
vulnerability VCID-d4ka-dk4p-kfhb
11
vulnerability VCID-d7ez-s7qb-p3ay
12
vulnerability VCID-dagf-buer-4ffr
13
vulnerability VCID-dzdx-wae5-8ydy
14
vulnerability VCID-e3z2-ydhb-gqfg
15
vulnerability VCID-ezaq-tqd3-4yd1
16
vulnerability VCID-ezux-6buh-h7h7
17
vulnerability VCID-fj2p-7wkh-1fhq
18
vulnerability VCID-geaa-6dxx-tbcw
19
vulnerability VCID-h1n3-cmte-eugf
20
vulnerability VCID-hqar-fca3-cbht
21
vulnerability VCID-jnmu-c8dt-5yb6
22
vulnerability VCID-jrxz-b168-7ug4
23
vulnerability VCID-js7k-ptm9-2yh1
24
vulnerability VCID-kb5h-116p-33b4
25
vulnerability VCID-nukv-kkws-xkb1
26
vulnerability VCID-qbdk-hxhg-wbh4
27
vulnerability VCID-rdwq-93d6-c7b4
28
vulnerability VCID-rg5d-st3d-nbah
29
vulnerability VCID-swpr-3qae-d7fe
30
vulnerability VCID-t6db-buke-nfhf
31
vulnerability VCID-tdp4-h4ht-pqhs
32
vulnerability VCID-uhg5-zpzt-e3gz
33
vulnerability VCID-ujbp-cc1r-wfe9
34
vulnerability VCID-v3h9-1t69-v7a3
35
vulnerability VCID-whyk-3ynn-zyf4
36
vulnerability VCID-x5e2-7whc-v3fc
37
vulnerability VCID-x94k-nxyd-27gs
38
vulnerability VCID-xg2f-12w4-yqge
39
vulnerability VCID-xw8r-fn6y-mbhp
40
vulnerability VCID-yeea-n94x-qqch
41
vulnerability VCID-ykxk-6mpc-wkgt
42
vulnerability VCID-yur3-am6j-w7ay
43
vulnerability VCID-zzzs-scbg-bbe9
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.1
aliases CVE-2018-16859, GHSA-v735-2pp6-h86r, PYSEC-2018-60
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r6bb-p28b-8fcn
13
url VCID-rdwq-93d6-c7b4
vulnerability_id VCID-rdwq-93d6-c7b4
summary An incomplete fix was found for the fix of the flaw CVE-2020-1733 ansible: insecure temporary directory when running become_user from become directive. The provided fix is insufficient to prevent the race condition on systems using ACLs and FUSE filesystems. Ansible Engine 2.7.18, 2.8.12, and 2.9.9 as well as previous versions are affected and Ansible Tower 3.4.5, 3.5.6 and 3.6.4 as well as previous versions are affected.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10744.json
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10744.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-10744
reference_id
reference_type
scores
0
value 0.00038
scoring_system epss
scoring_elements 0.11406
published_at 2026-04-18T12:55:00Z
1
value 0.00038
scoring_system epss
scoring_elements 0.11545
published_at 2026-04-13T12:55:00Z
2
value 0.00038
scoring_system epss
scoring_elements 0.1157
published_at 2026-04-12T12:55:00Z
3
value 0.00038
scoring_system epss
scoring_elements 0.11597
published_at 2026-04-09T12:55:00Z
4
value 0.00038
scoring_system epss
scoring_elements 0.11537
published_at 2026-04-08T12:55:00Z
5
value 0.00038
scoring_system epss
scoring_elements 0.11452
published_at 2026-04-07T12:55:00Z
6
value 0.00038
scoring_system epss
scoring_elements 0.11664
published_at 2026-04-04T12:55:00Z
7
value 0.00038
scoring_system epss
scoring_elements 0.11607
published_at 2026-04-11T12:55:00Z
8
value 0.00038
scoring_system epss
scoring_elements 0.1148
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-10744
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10744
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L
1
value 2.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L
2
value LOW
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10744
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10744
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10744
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://github.com/advisories/GHSA-vp9j-rghq-8jhh
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L
1
value LOW
scoring_system cvssv3.1_qr
scoring_elements
2
value 2.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L
3
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-vp9j-rghq-8jhh
6
reference_url https://github.com/ansible/ansible
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L
1
value 2.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible
7
reference_url https://github.com/ansible/ansible/commit/77d0effcc5b2da1ef23e4ba32986a9759c27c10d
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L
1
value 2.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/77d0effcc5b2da1ef23e4ba32986a9759c27c10d
8
reference_url https://github.com/ansible/ansible/commit/84afa8e90cd168ff13208c8eae3e533ce7e21e1f
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L
1
value 2.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/84afa8e90cd168ff13208c8eae3e533ce7e21e1f
9
reference_url https://github.com/ansible/ansible/commit/ffd3757fc35468a97791e452e7f2d14c3e3fcb80
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L
1
value 2.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/ffd3757fc35468a97791e452e7f2d14c3e3fcb80
10
reference_url https://github.com/ansible/ansible/issues/69782
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L
1
value 2.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/issues/69782
11
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2020-208.yaml
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L
1
value 2.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2020-208.yaml
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1835566
reference_id 1835566
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1835566
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=966660
reference_id 966660
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=966660
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-10744
reference_id CVE-2020-10744
reference_type
scores
0
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L
1
value 2.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L
2
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-10744
15
reference_url https://usn.ubuntu.com/USN-5315-1/
reference_id USN-USN-5315-1
reference_type
scores
url https://usn.ubuntu.com/USN-5315-1/
fixed_packages
0
url pkg:pypi/ansible@2.8.0a1
purl pkg:pypi/ansible@2.8.0a1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4yvf-k192-9fca
1
vulnerability VCID-682j-e2pu-1uee
2
vulnerability VCID-a49n-tvnt-p3df
3
vulnerability VCID-ae1r-yq1g-rkem
4
vulnerability VCID-atun-stks-4kcb
5
vulnerability VCID-axc3-wcsk-q3eg
6
vulnerability VCID-b8zs-br97-57av
7
vulnerability VCID-c1xg-s3kx-gkft
8
vulnerability VCID-d4ka-dk4p-kfhb
9
vulnerability VCID-d7ez-s7qb-p3ay
10
vulnerability VCID-dzdx-wae5-8ydy
11
vulnerability VCID-e3z2-ydhb-gqfg
12
vulnerability VCID-ezaq-tqd3-4yd1
13
vulnerability VCID-ezux-6buh-h7h7
14
vulnerability VCID-fj2p-7wkh-1fhq
15
vulnerability VCID-geaa-6dxx-tbcw
16
vulnerability VCID-h1n3-cmte-eugf
17
vulnerability VCID-hqar-fca3-cbht
18
vulnerability VCID-jnmu-c8dt-5yb6
19
vulnerability VCID-jrxz-b168-7ug4
20
vulnerability VCID-js7k-ptm9-2yh1
21
vulnerability VCID-kb5h-116p-33b4
22
vulnerability VCID-nukv-kkws-xkb1
23
vulnerability VCID-qbdk-hxhg-wbh4
24
vulnerability VCID-r6bb-p28b-8fcn
25
vulnerability VCID-rdwq-93d6-c7b4
26
vulnerability VCID-rg5d-st3d-nbah
27
vulnerability VCID-uhg5-zpzt-e3gz
28
vulnerability VCID-ujbp-cc1r-wfe9
29
vulnerability VCID-v3h9-1t69-v7a3
30
vulnerability VCID-whyk-3ynn-zyf4
31
vulnerability VCID-x5e2-7whc-v3fc
32
vulnerability VCID-x94k-nxyd-27gs
33
vulnerability VCID-xg2f-12w4-yqge
34
vulnerability VCID-xw8r-fn6y-mbhp
35
vulnerability VCID-yeea-n94x-qqch
36
vulnerability VCID-yur3-am6j-w7ay
37
vulnerability VCID-zzzs-scbg-bbe9
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.0a1
1
url pkg:pypi/ansible@2.8.13
purl pkg:pypi/ansible@2.8.13
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4yvf-k192-9fca
1
vulnerability VCID-682j-e2pu-1uee
2
vulnerability VCID-atun-stks-4kcb
3
vulnerability VCID-axc3-wcsk-q3eg
4
vulnerability VCID-c1xg-s3kx-gkft
5
vulnerability VCID-dzdx-wae5-8ydy
6
vulnerability VCID-e3z2-ydhb-gqfg
7
vulnerability VCID-fj2p-7wkh-1fhq
8
vulnerability VCID-geaa-6dxx-tbcw
9
vulnerability VCID-jrxz-b168-7ug4
10
vulnerability VCID-js7k-ptm9-2yh1
11
vulnerability VCID-qbdk-hxhg-wbh4
12
vulnerability VCID-rdwq-93d6-c7b4
13
vulnerability VCID-rg5d-st3d-nbah
14
vulnerability VCID-ujbp-cc1r-wfe9
15
vulnerability VCID-v3h9-1t69-v7a3
16
vulnerability VCID-x94k-nxyd-27gs
17
vulnerability VCID-xw8r-fn6y-mbhp
18
vulnerability VCID-yeea-n94x-qqch
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.13
2
url pkg:pypi/ansible@2.9.10
purl pkg:pypi/ansible@2.9.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4yvf-k192-9fca
1
vulnerability VCID-682j-e2pu-1uee
2
vulnerability VCID-atun-stks-4kcb
3
vulnerability VCID-axc3-wcsk-q3eg
4
vulnerability VCID-c1xg-s3kx-gkft
5
vulnerability VCID-dzdx-wae5-8ydy
6
vulnerability VCID-e3z2-ydhb-gqfg
7
vulnerability VCID-fj2p-7wkh-1fhq
8
vulnerability VCID-geaa-6dxx-tbcw
9
vulnerability VCID-jrxz-b168-7ug4
10
vulnerability VCID-js7k-ptm9-2yh1
11
vulnerability VCID-qbdk-hxhg-wbh4
12
vulnerability VCID-rdwq-93d6-c7b4
13
vulnerability VCID-rg5d-st3d-nbah
14
vulnerability VCID-ujbp-cc1r-wfe9
15
vulnerability VCID-v3h9-1t69-v7a3
16
vulnerability VCID-whyk-3ynn-zyf4
17
vulnerability VCID-xw8r-fn6y-mbhp
18
vulnerability VCID-yeea-n94x-qqch
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.10
3
url pkg:pypi/ansible@2.9.12
purl pkg:pypi/ansible@2.9.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4yvf-k192-9fca
1
vulnerability VCID-682j-e2pu-1uee
2
vulnerability VCID-atun-stks-4kcb
3
vulnerability VCID-axc3-wcsk-q3eg
4
vulnerability VCID-c1xg-s3kx-gkft
5
vulnerability VCID-dzdx-wae5-8ydy
6
vulnerability VCID-e3z2-ydhb-gqfg
7
vulnerability VCID-fj2p-7wkh-1fhq
8
vulnerability VCID-geaa-6dxx-tbcw
9
vulnerability VCID-jrxz-b168-7ug4
10
vulnerability VCID-js7k-ptm9-2yh1
11
vulnerability VCID-qbdk-hxhg-wbh4
12
vulnerability VCID-rg5d-st3d-nbah
13
vulnerability VCID-ujbp-cc1r-wfe9
14
vulnerability VCID-v3h9-1t69-v7a3
15
vulnerability VCID-xw8r-fn6y-mbhp
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.12
4
url pkg:pypi/ansible@2.10.0rc1
purl pkg:pypi/ansible@2.10.0rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4yvf-k192-9fca
1
vulnerability VCID-682j-e2pu-1uee
2
vulnerability VCID-axc3-wcsk-q3eg
3
vulnerability VCID-c1xg-s3kx-gkft
4
vulnerability VCID-dzdx-wae5-8ydy
5
vulnerability VCID-e3z2-ydhb-gqfg
6
vulnerability VCID-qbdk-hxhg-wbh4
7
vulnerability VCID-rg5d-st3d-nbah
8
vulnerability VCID-ujbp-cc1r-wfe9
9
vulnerability VCID-v3h9-1t69-v7a3
10
vulnerability VCID-xw8r-fn6y-mbhp
11
vulnerability VCID-yeea-n94x-qqch
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.10.0rc1
aliases CVE-2020-10744, GHSA-vp9j-rghq-8jhh, PYSEC-2020-208
risk_score 2.2
exploitability 0.5
weighted_severity 4.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rdwq-93d6-c7b4
14
url VCID-rg5d-st3d-nbah
vulnerability_id VCID-rg5d-st3d-nbah
summary A flaw was found in Ansible Base when using the aws_ssm connection plugin as garbage collector is not happening after playbook run is completed. Files would remain in the bucket exposing the data. This issue affects directly data confidentiality.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25635.json
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25635.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-25635
reference_id
reference_type
scores
0
value 0.0008
scoring_system epss
scoring_elements 0.23559
published_at 2026-04-18T12:55:00Z
1
value 0.0008
scoring_system epss
scoring_elements 0.23568
published_at 2026-04-16T12:55:00Z
2
value 0.00087
scoring_system epss
scoring_elements 0.25073
published_at 2026-04-01T12:55:00Z
3
value 0.00087
scoring_system epss
scoring_elements 0.25003
published_at 2026-04-13T12:55:00Z
4
value 0.00087
scoring_system epss
scoring_elements 0.25057
published_at 2026-04-12T12:55:00Z
5
value 0.00087
scoring_system epss
scoring_elements 0.25098
published_at 2026-04-11T12:55:00Z
6
value 0.00087
scoring_system epss
scoring_elements 0.25083
published_at 2026-04-09T12:55:00Z
7
value 0.00087
scoring_system epss
scoring_elements 0.25199
published_at 2026-04-04T12:55:00Z
8
value 0.00087
scoring_system epss
scoring_elements 0.25158
published_at 2026-04-02T12:55:00Z
9
value 0.00087
scoring_system epss
scoring_elements 0.25039
published_at 2026-04-08T12:55:00Z
10
value 0.00087
scoring_system epss
scoring_elements 0.2497
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-25635
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-25635
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-25635
3
reference_url https://github.com/ansible/ansible
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible
4
reference_url https://github.com/ansible-collections/community.aws/issues/222
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible-collections/community.aws/issues/222
5
reference_url https://github.com/ansible-collections/community.aws/pull/237#issuecomment-1468591094
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible-collections/community.aws/pull/237#issuecomment-1468591094
6
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2020-220.yaml
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2020-220.yaml
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1880275
reference_id 1880275
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1880275
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-25635
reference_id CVE-2020-25635
reference_type
scores
0
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-25635
9
reference_url https://github.com/advisories/GHSA-f556-49jc-4rvc
reference_id GHSA-f556-49jc-4rvc
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-f556-49jc-4rvc
fixed_packages
0
url pkg:pypi/ansible@2.10.1
purl pkg:pypi/ansible@2.10.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jy6-eqpn-wbce
1
vulnerability VCID-4yvf-k192-9fca
2
vulnerability VCID-682j-e2pu-1uee
3
vulnerability VCID-axc3-wcsk-q3eg
4
vulnerability VCID-e3z2-ydhb-gqfg
5
vulnerability VCID-qbdk-hxhg-wbh4
6
vulnerability VCID-ujbp-cc1r-wfe9
7
vulnerability VCID-xw8r-fn6y-mbhp
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.10.1
aliases CVE-2020-25635, GHSA-f556-49jc-4rvc, PYSEC-2020-220
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rg5d-st3d-nbah
15
url VCID-ujbp-cc1r-wfe9
vulnerability_id VCID-ujbp-cc1r-wfe9
summary 
Ansible symlink attack vulnerability
An absolute path traversal attack exists in the Ansible automation platform. This flaw allows an attacker to craft a malicious Ansible role and make the victim execute the role. A symlink can be used to overwrite a file outside of the extraction path.
references
0
reference_url https://access.redhat.com/errata/RHSA-2023:5701
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2023:5701
1
reference_url https://access.redhat.com/errata/RHSA-2023:5758
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2023:5758
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5115.json
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5115.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-5115
reference_id
reference_type
scores
0
value 0.00716
scoring_system epss
scoring_elements 0.72335
published_at 2026-04-02T12:55:00Z
1
value 0.00716
scoring_system epss
scoring_elements 0.72427
published_at 2026-04-18T12:55:00Z
2
value 0.00716
scoring_system epss
scoring_elements 0.72417
published_at 2026-04-16T12:55:00Z
3
value 0.00716
scoring_system epss
scoring_elements 0.72376
published_at 2026-04-13T12:55:00Z
4
value 0.00716
scoring_system epss
scoring_elements 0.72388
published_at 2026-04-12T12:55:00Z
5
value 0.00716
scoring_system epss
scoring_elements 0.72381
published_at 2026-04-09T12:55:00Z
6
value 0.00716
scoring_system epss
scoring_elements 0.72369
published_at 2026-04-08T12:55:00Z
7
value 0.00716
scoring_system epss
scoring_elements 0.7233
published_at 2026-04-07T12:55:00Z
8
value 0.00716
scoring_system epss
scoring_elements 0.72353
published_at 2026-04-04T12:55:00Z
9
value 0.00716
scoring_system epss
scoring_elements 0.72404
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-5115
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2233810
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=2233810
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5115
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5115
6
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
7
reference_url https://github.com/ansible/ansible
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible
8
reference_url https://github.com/ansible/ansible/commit/1e930684bc0a76ec3d094cd326738ad26416541c
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/1e930684bc0a76ec3d094cd326738ad26416541c
9
reference_url https://github.com/ansible-community/ansible-build-data/blob/16d36538b96c65d9e0e28d89781361b69857ac0e/8/CHANGELOG-v8.rst#L221
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible-community/ansible-build-data/blob/16d36538b96c65d9e0e28d89781361b69857ac0e/8/CHANGELOG-v8.rst#L221
10
reference_url https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html
11
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053693
reference_id 1053693
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053693
12
reference_url https://access.redhat.com/security/cve/CVE-2023-5115
reference_id CVE-2023-5115
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2023-5115
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-5115
reference_id CVE-2023-5115
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-5115
14
reference_url https://github.com/advisories/GHSA-jpvw-p8pr-9g2x
reference_id GHSA-jpvw-p8pr-9g2x
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-jpvw-p8pr-9g2x
fixed_packages
0
url pkg:pypi/ansible@8.5.0
purl pkg:pypi/ansible@8.5.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qbdk-hxhg-wbh4
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@8.5.0
aliases CVE-2023-5115, GHSA-jpvw-p8pr-9g2x
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ujbp-cc1r-wfe9
16
url VCID-v3h9-1t69-v7a3
vulnerability_id VCID-v3h9-1t69-v7a3
summary An Improper Output Neutralization for Logs flaw was found in Ansible when using the uri module, where sensitive data is exposed to content and json output. This flaw allows an attacker to access the logs or outputs of performed tasks to read keys used in playbooks from other users within the uri module. The highest threat from this vulnerability is to data confidentiality.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14330.json
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14330.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-14330
reference_id
reference_type
scores
0
value 0.00133
scoring_system epss
scoring_elements 0.32912
published_at 2026-04-18T12:55:00Z
1
value 0.00133
scoring_system epss
scoring_elements 0.32933
published_at 2026-04-16T12:55:00Z
2
value 0.00133
scoring_system epss
scoring_elements 0.32894
published_at 2026-04-13T12:55:00Z
3
value 0.00133
scoring_system epss
scoring_elements 0.32919
published_at 2026-04-12T12:55:00Z
4
value 0.00133
scoring_system epss
scoring_elements 0.32957
published_at 2026-04-11T12:55:00Z
5
value 0.00133
scoring_system epss
scoring_elements 0.32955
published_at 2026-04-09T12:55:00Z
6
value 0.00133
scoring_system epss
scoring_elements 0.32925
published_at 2026-04-08T12:55:00Z
7
value 0.00133
scoring_system epss
scoring_elements 0.32878
published_at 2026-04-07T12:55:00Z
8
value 0.00133
scoring_system epss
scoring_elements 0.33048
published_at 2026-04-04T12:55:00Z
9
value 0.00133
scoring_system epss
scoring_elements 0.33015
published_at 2026-04-02T12:55:00Z
10
value 0.00133
scoring_system epss
scoring_elements 0.32884
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-14330
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14330
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14330
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10156
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10156
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10206
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10206
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14846
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14846
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14864
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14864
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14904
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14904
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10684
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10684
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10685
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10685
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10729
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10729
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14330
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14330
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14332
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14332
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14365
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14365
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1733
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1733
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1735
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1735
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1739
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1739
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1740
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1740
18
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1746
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1746
19
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1753
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1753
20
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20228
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20228
21
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
22
reference_url https://github.com/advisories/GHSA-785x-qw4v-6872
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-785x-qw4v-6872
23
reference_url https://github.com/ansible/ansible
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible
24
reference_url https://github.com/ansible/ansible/commit/e0f25a2b1f9e6c21f751ba0ed2dc2eee2152983e
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/e0f25a2b1f9e6c21f751ba0ed2dc2eee2152983e
25
reference_url https://github.com/ansible/ansible/issues/68400
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/issues/68400
26
reference_url https://github.com/ansible/ansible/pull/69653
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/pull/69653
27
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2020-3.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2020-3.yaml
28
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-14330
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-14330
29
reference_url https://www.debian.org/security/2021/dsa-4950
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2021/dsa-4950
30
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1856815
reference_id 1856815
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1856815
31
reference_url https://access.redhat.com/errata/RHSA-2020:3600
reference_id RHSA-2020:3600
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3600
fixed_packages
0
url pkg:pypi/ansible@2.9.12
purl pkg:pypi/ansible@2.9.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4yvf-k192-9fca
1
vulnerability VCID-682j-e2pu-1uee
2
vulnerability VCID-atun-stks-4kcb
3
vulnerability VCID-axc3-wcsk-q3eg
4
vulnerability VCID-c1xg-s3kx-gkft
5
vulnerability VCID-dzdx-wae5-8ydy
6
vulnerability VCID-e3z2-ydhb-gqfg
7
vulnerability VCID-fj2p-7wkh-1fhq
8
vulnerability VCID-geaa-6dxx-tbcw
9
vulnerability VCID-jrxz-b168-7ug4
10
vulnerability VCID-js7k-ptm9-2yh1
11
vulnerability VCID-qbdk-hxhg-wbh4
12
vulnerability VCID-rg5d-st3d-nbah
13
vulnerability VCID-ujbp-cc1r-wfe9
14
vulnerability VCID-v3h9-1t69-v7a3
15
vulnerability VCID-xw8r-fn6y-mbhp
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.12
1
url pkg:pypi/ansible@2.10.0
purl pkg:pypi/ansible@2.10.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4yvf-k192-9fca
1
vulnerability VCID-682j-e2pu-1uee
2
vulnerability VCID-axc3-wcsk-q3eg
3
vulnerability VCID-c1xg-s3kx-gkft
4
vulnerability VCID-e3z2-ydhb-gqfg
5
vulnerability VCID-qbdk-hxhg-wbh4
6
vulnerability VCID-rg5d-st3d-nbah
7
vulnerability VCID-ujbp-cc1r-wfe9
8
vulnerability VCID-xw8r-fn6y-mbhp
9
vulnerability VCID-yeea-n94x-qqch
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.10.0
aliases CVE-2020-14330, GHSA-785x-qw4v-6872, PYSEC-2020-3
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v3h9-1t69-v7a3
17
url VCID-whyk-3ynn-zyf4
vulnerability_id VCID-whyk-3ynn-zyf4
summary A flaw was found in the pipe lookup plugin of ansible. Arbitrary commands can be run, when the pipe lookup plugin uses subprocess.Popen() with shell=True, by overwriting ansible facts and the variable is not escaped by quote plugin. An attacker could take advantage and run arbitrary commands by overwriting the ansible facts.
references
0
reference_url https://access.redhat.com/errata/RHBA-2020:0547
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L
1
value 8.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:L/SC:H/SI:H/SA:L
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHBA-2020:0547
1
reference_url https://access.redhat.com/errata/RHBA-2020:1539
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L
1
value 8.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:L/SC:H/SI:H/SA:L
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHBA-2020:1539
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1734.json
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1734.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-1734
reference_id
reference_type
scores
0
value 0.00131
scoring_system epss
scoring_elements 0.32759
published_at 2026-04-02T12:55:00Z
1
value 0.00131
scoring_system epss
scoring_elements 0.32624
published_at 2026-04-01T12:55:00Z
2
value 0.00131
scoring_system epss
scoring_elements 0.32663
published_at 2026-04-16T12:55:00Z
3
value 0.00131
scoring_system epss
scoring_elements 0.32626
published_at 2026-04-13T12:55:00Z
4
value 0.00131
scoring_system epss
scoring_elements 0.32653
published_at 2026-04-12T12:55:00Z
5
value 0.00131
scoring_system epss
scoring_elements 0.32691
published_at 2026-04-11T12:55:00Z
6
value 0.00131
scoring_system epss
scoring_elements 0.3269
published_at 2026-04-09T12:55:00Z
7
value 0.00131
scoring_system epss
scoring_elements 0.32664
published_at 2026-04-08T12:55:00Z
8
value 0.00131
scoring_system epss
scoring_elements 0.32616
published_at 2026-04-07T12:55:00Z
9
value 0.00131
scoring_system epss
scoring_elements 0.32795
published_at 2026-04-04T12:55:00Z
10
value 0.00131
scoring_system epss
scoring_elements 0.32641
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-1734
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1801804
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L
1
value 8.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:L/SC:H/SI:H/SA:L
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1801804
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1734
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L
1
value 8.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:L/SC:H/SI:H/SA:L
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1734
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1734
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1734
7
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
8
reference_url https://github.com/advisories/GHSA-h39q-95q5-9jfp
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 8.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:L/SC:H/SI:H/SA:L
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-h39q-95q5-9jfp
9
reference_url https://github.com/ansible/ansible
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L
1
value 8.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:L/SC:H/SI:H/SA:L
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible
10
reference_url https://github.com/ansible/ansible/commit/4f978af4ca16ad9828ffe42203b9615425195f8b
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L
1
value 8.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:L/SC:H/SI:H/SA:L
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/4f978af4ca16ad9828ffe42203b9615425195f8b
11
reference_url https://github.com/ansible/ansible/commit/963bdd9983b91a48fb6949fb2ef41071e72d0be0
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L
1
value 8.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:L/SC:H/SI:H/SA:L
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/963bdd9983b91a48fb6949fb2ef41071e72d0be0
12
reference_url https://github.com/ansible/ansible/commit/bff0724e9eab2770f874e018298f9ab74cc2a78f
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L
1
value 8.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:L/SC:H/SI:H/SA:L
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/bff0724e9eab2770f874e018298f9ab74cc2a78f
13
reference_url https://github.com/ansible/ansible/commit/e5649ca3e807f17e7c034ee22791f107162973b0
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L
1
value 8.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:L/SC:H/SI:H/SA:L
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/e5649ca3e807f17e7c034ee22791f107162973b0
14
reference_url https://github.com/ansible/ansible/issues/67792
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L
1
value 8.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:L/SC:H/SI:H/SA:L
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/issues/67792
15
reference_url https://github.com/ansible/ansible/issues/70159
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L
1
value 8.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:L/SC:H/SI:H/SA:L
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/issues/70159
16
reference_url https://github.com/ansible/ansible/pull/70596
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L
1
value 8.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:L/SC:H/SI:H/SA:L
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/pull/70596
17
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2020-6.yaml
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L
1
value 8.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:L/SC:H/SI:H/SA:L
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2020-6.yaml
18
reference_url https://access.redhat.com/security/cve/CVE-2020-1734
reference_id CVE-2020-1734
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L
1
value 8.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:L/SC:H/SI:H/SA:L
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2020-1734
19
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-1734
reference_id CVE-2020-1734
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L
1
value 8.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:L/SC:H/SI:H/SA:L
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-1734
fixed_packages
0
url pkg:pypi/ansible@2.8.13
purl pkg:pypi/ansible@2.8.13
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4yvf-k192-9fca
1
vulnerability VCID-682j-e2pu-1uee
2
vulnerability VCID-atun-stks-4kcb
3
vulnerability VCID-axc3-wcsk-q3eg
4
vulnerability VCID-c1xg-s3kx-gkft
5
vulnerability VCID-dzdx-wae5-8ydy
6
vulnerability VCID-e3z2-ydhb-gqfg
7
vulnerability VCID-fj2p-7wkh-1fhq
8
vulnerability VCID-geaa-6dxx-tbcw
9
vulnerability VCID-jrxz-b168-7ug4
10
vulnerability VCID-js7k-ptm9-2yh1
11
vulnerability VCID-qbdk-hxhg-wbh4
12
vulnerability VCID-rdwq-93d6-c7b4
13
vulnerability VCID-rg5d-st3d-nbah
14
vulnerability VCID-ujbp-cc1r-wfe9
15
vulnerability VCID-v3h9-1t69-v7a3
16
vulnerability VCID-x94k-nxyd-27gs
17
vulnerability VCID-xw8r-fn6y-mbhp
18
vulnerability VCID-yeea-n94x-qqch
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.13
1
url pkg:pypi/ansible@2.9.11
purl pkg:pypi/ansible@2.9.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4yvf-k192-9fca
1
vulnerability VCID-682j-e2pu-1uee
2
vulnerability VCID-atun-stks-4kcb
3
vulnerability VCID-axc3-wcsk-q3eg
4
vulnerability VCID-c1xg-s3kx-gkft
5
vulnerability VCID-dzdx-wae5-8ydy
6
vulnerability VCID-e3z2-ydhb-gqfg
7
vulnerability VCID-fj2p-7wkh-1fhq
8
vulnerability VCID-geaa-6dxx-tbcw
9
vulnerability VCID-jrxz-b168-7ug4
10
vulnerability VCID-js7k-ptm9-2yh1
11
vulnerability VCID-qbdk-hxhg-wbh4
12
vulnerability VCID-rdwq-93d6-c7b4
13
vulnerability VCID-rg5d-st3d-nbah
14
vulnerability VCID-ujbp-cc1r-wfe9
15
vulnerability VCID-v3h9-1t69-v7a3
16
vulnerability VCID-xw8r-fn6y-mbhp
17
vulnerability VCID-yeea-n94x-qqch
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.11
2
url pkg:pypi/ansible@2.10.0rc1
purl pkg:pypi/ansible@2.10.0rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4yvf-k192-9fca
1
vulnerability VCID-682j-e2pu-1uee
2
vulnerability VCID-axc3-wcsk-q3eg
3
vulnerability VCID-c1xg-s3kx-gkft
4
vulnerability VCID-dzdx-wae5-8ydy
5
vulnerability VCID-e3z2-ydhb-gqfg
6
vulnerability VCID-qbdk-hxhg-wbh4
7
vulnerability VCID-rg5d-st3d-nbah
8
vulnerability VCID-ujbp-cc1r-wfe9
9
vulnerability VCID-v3h9-1t69-v7a3
10
vulnerability VCID-xw8r-fn6y-mbhp
11
vulnerability VCID-yeea-n94x-qqch
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.10.0rc1
aliases CVE-2020-1734, GHSA-h39q-95q5-9jfp, PYSEC-2020-6
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-whyk-3ynn-zyf4
18
url VCID-x94k-nxyd-27gs
vulnerability_id VCID-x94k-nxyd-27gs
summary A flaw was found in the use of insufficiently random values in Ansible. Two random password lookups of the same length generate the equal value as the template caching action for the same file since no re-evaluation happens. The highest threat from this vulnerability would be that all passwords are exposed at once for the file. This flaw affects Ansible Engine versions before 2.9.6.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10729.json
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10729.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-10729
reference_id
reference_type
scores
0
value 0.00079
scoring_system epss
scoring_elements 0.2329
published_at 2026-04-01T12:55:00Z
1
value 0.00079
scoring_system epss
scoring_elements 0.23336
published_at 2026-04-13T12:55:00Z
2
value 0.00079
scoring_system epss
scoring_elements 0.2339
published_at 2026-04-12T12:55:00Z
3
value 0.00079
scoring_system epss
scoring_elements 0.23427
published_at 2026-04-11T12:55:00Z
4
value 0.00079
scoring_system epss
scoring_elements 0.23408
published_at 2026-04-09T12:55:00Z
5
value 0.00079
scoring_system epss
scoring_elements 0.23358
published_at 2026-04-08T12:55:00Z
6
value 0.00079
scoring_system epss
scoring_elements 0.23285
published_at 2026-04-07T12:55:00Z
7
value 0.00079
scoring_system epss
scoring_elements 0.23501
published_at 2026-04-04T12:55:00Z
8
value 0.00079
scoring_system epss
scoring_elements 0.23464
published_at 2026-04-02T12:55:00Z
9
value 0.0013
scoring_system epss
scoring_elements 0.32543
published_at 2026-04-16T12:55:00Z
10
value 0.0013
scoring_system epss
scoring_elements 0.32522
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-10729
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1831089
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1831089
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10156
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10156
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10206
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10206
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14846
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14846
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14864
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14864
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14904
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14904
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10684
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10684
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10685
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10685
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10729
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10729
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14330
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14330
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14332
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14332
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14365
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14365
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1733
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1733
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1735
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1735
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1739
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1739
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1740
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1740
18
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1746
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1746
19
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1753
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1753
20
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20228
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20228
21
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
22
reference_url https://github.com/advisories/GHSA-r6h7-5pq2-j77h
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-r6h7-5pq2-j77h
23
reference_url https://github.com/ansible/ansible
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible
24
reference_url https://github.com/ansible/ansible/blob/v2.9.6/changelogs/CHANGELOG-v2.9.rst
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/blob/v2.9.6/changelogs/CHANGELOG-v2.9.rst
25
reference_url https://github.com/ansible/ansible/commit/c520d70bf4748c8ee6718a7d0d0254051ba1c2e9
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/c520d70bf4748c8ee6718a7d0d0254051ba1c2e9
26
reference_url https://github.com/ansible/ansible/issues/34144
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/issues/34144
27
reference_url https://github.com/ansible/ansible/pull/67429
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/pull/67429
28
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2021-105.yaml
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2021-105.yaml
29
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-10729
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-10729
30
reference_url https://www.debian.org/security/2021/dsa-4950
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2021/dsa-4950
31
reference_url https://usn.ubuntu.com/7330-1/
reference_id USN-7330-1
reference_type
scores
url https://usn.ubuntu.com/7330-1/
fixed_packages
0
url pkg:pypi/ansible@2.9.6
purl pkg:pypi/ansible@2.9.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3jej-4jyp-cqbt
1
vulnerability VCID-4yvf-k192-9fca
2
vulnerability VCID-682j-e2pu-1uee
3
vulnerability VCID-atun-stks-4kcb
4
vulnerability VCID-axc3-wcsk-q3eg
5
vulnerability VCID-b8zs-br97-57av
6
vulnerability VCID-c1xg-s3kx-gkft
7
vulnerability VCID-d7ez-s7qb-p3ay
8
vulnerability VCID-dzdx-wae5-8ydy
9
vulnerability VCID-e3z2-ydhb-gqfg
10
vulnerability VCID-ezaq-tqd3-4yd1
11
vulnerability VCID-ezux-6buh-h7h7
12
vulnerability VCID-fj2p-7wkh-1fhq
13
vulnerability VCID-geaa-6dxx-tbcw
14
vulnerability VCID-h1n3-cmte-eugf
15
vulnerability VCID-hqar-fca3-cbht
16
vulnerability VCID-jrxz-b168-7ug4
17
vulnerability VCID-js7k-ptm9-2yh1
18
vulnerability VCID-qbdk-hxhg-wbh4
19
vulnerability VCID-rdwq-93d6-c7b4
20
vulnerability VCID-rg5d-st3d-nbah
21
vulnerability VCID-ujbp-cc1r-wfe9
22
vulnerability VCID-v3h9-1t69-v7a3
23
vulnerability VCID-whyk-3ynn-zyf4
24
vulnerability VCID-xg2f-12w4-yqge
25
vulnerability VCID-xw8r-fn6y-mbhp
26
vulnerability VCID-yeea-n94x-qqch
27
vulnerability VCID-yur3-am6j-w7ay
28
vulnerability VCID-zzzs-scbg-bbe9
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.6
aliases CVE-2020-10729, GHSA-r6h7-5pq2-j77h, PYSEC-2021-105
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x94k-nxyd-27gs
19
url VCID-xw8r-fn6y-mbhp
vulnerability_id VCID-xw8r-fn6y-mbhp
summary A flaw was found in ansible. Credentials, such as secrets, are being disclosed in console log by default and not protected by no_log feature when using those modules. An attacker can take advantage of this information to steal those credentials. The highest threat from this vulnerability is to data confidentiality. Versions before ansible 2.9.18 are affected.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20191.json
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20191.json
1
reference_url https://access.redhat.com/security/cve/cve-2021-20191
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/cve-2021-20191
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-20191
reference_id
reference_type
scores
0
value 0.00037
scoring_system epss
scoring_elements 0.11217
published_at 2026-04-13T12:55:00Z
1
value 0.00037
scoring_system epss
scoring_elements 0.11243
published_at 2026-04-12T12:55:00Z
2
value 0.00037
scoring_system epss
scoring_elements 0.11277
published_at 2026-04-11T12:55:00Z
3
value 0.00037
scoring_system epss
scoring_elements 0.11266
published_at 2026-04-09T12:55:00Z
4
value 0.00037
scoring_system epss
scoring_elements 0.1121
published_at 2026-04-08T12:55:00Z
5
value 0.00037
scoring_system epss
scoring_elements 0.11131
published_at 2026-04-07T12:55:00Z
6
value 0.00037
scoring_system epss
scoring_elements 0.11315
published_at 2026-04-04T12:55:00Z
7
value 0.00037
scoring_system epss
scoring_elements 0.11255
published_at 2026-04-02T12:55:00Z
8
value 0.00037
scoring_system epss
scoring_elements 0.11108
published_at 2026-04-01T12:55:00Z
9
value 0.00037
scoring_system epss
scoring_elements 0.1108
published_at 2026-04-16T12:55:00Z
10
value 0.00037
scoring_system epss
scoring_elements 0.11089
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-20191
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1916813
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1916813
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20191
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20191
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://github.com/advisories/GHSA-8f4m-hccc-8qph
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-8f4m-hccc-8qph
7
reference_url https://github.com/ansible/ansible
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible
8
reference_url https://github.com/ansible/ansible/commit/cc82d986c40328d4ae81298a9d287c95a6326bb0
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/cc82d986c40328d4ae81298a9d287c95a6326bb0
9
reference_url https://github.com/ansible/ansible/commit/d74a1b1d1325af2a24848044cf2858987f5a3ecc
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/d74a1b1d1325af2a24848044cf2858987f5a3ecc
10
reference_url https://github.com/ansible/ansible/pull/73488
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/pull/73488
11
reference_url https://github.com/ansible/ansible/pull/73489
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/pull/73489
12
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2021-124.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2021-124.yaml
13
reference_url https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-20191
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-20191
15
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985753
reference_id 985753
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985753
16
reference_url https://security.archlinux.org/ASA-202102-9
reference_id ASA-202102-9
reference_type
scores
url https://security.archlinux.org/ASA-202102-9
17
reference_url https://security.archlinux.org/AVG-1437
reference_id AVG-1437
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1437
18
reference_url https://access.redhat.com/errata/RHSA-2021:0663
reference_id RHSA-2021:0663
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0663
19
reference_url https://access.redhat.com/errata/RHSA-2021:0664
reference_id RHSA-2021:0664
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0664
20
reference_url https://access.redhat.com/errata/RHSA-2021:1079
reference_id RHSA-2021:1079
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:1079
21
reference_url https://access.redhat.com/errata/RHSA-2021:2180
reference_id RHSA-2021:2180
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2180
fixed_packages
0
url pkg:pypi/ansible@2.8.19rc1
purl pkg:pypi/ansible@2.8.19rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4yvf-k192-9fca
1
vulnerability VCID-682j-e2pu-1uee
2
vulnerability VCID-atun-stks-4kcb
3
vulnerability VCID-axc3-wcsk-q3eg
4
vulnerability VCID-c1xg-s3kx-gkft
5
vulnerability VCID-dzdx-wae5-8ydy
6
vulnerability VCID-e3z2-ydhb-gqfg
7
vulnerability VCID-fj2p-7wkh-1fhq
8
vulnerability VCID-geaa-6dxx-tbcw
9
vulnerability VCID-js7k-ptm9-2yh1
10
vulnerability VCID-qbdk-hxhg-wbh4
11
vulnerability VCID-rdwq-93d6-c7b4
12
vulnerability VCID-rg5d-st3d-nbah
13
vulnerability VCID-ujbp-cc1r-wfe9
14
vulnerability VCID-v3h9-1t69-v7a3
15
vulnerability VCID-x94k-nxyd-27gs
16
vulnerability VCID-xw8r-fn6y-mbhp
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.19rc1
1
url pkg:pypi/ansible@2.8.19
purl pkg:pypi/ansible@2.8.19
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4yvf-k192-9fca
1
vulnerability VCID-682j-e2pu-1uee
2
vulnerability VCID-atun-stks-4kcb
3
vulnerability VCID-axc3-wcsk-q3eg
4
vulnerability VCID-c1xg-s3kx-gkft
5
vulnerability VCID-dzdx-wae5-8ydy
6
vulnerability VCID-e3z2-ydhb-gqfg
7
vulnerability VCID-fj2p-7wkh-1fhq
8
vulnerability VCID-geaa-6dxx-tbcw
9
vulnerability VCID-js7k-ptm9-2yh1
10
vulnerability VCID-qbdk-hxhg-wbh4
11
vulnerability VCID-rdwq-93d6-c7b4
12
vulnerability VCID-rg5d-st3d-nbah
13
vulnerability VCID-ujbp-cc1r-wfe9
14
vulnerability VCID-v3h9-1t69-v7a3
15
vulnerability VCID-x94k-nxyd-27gs
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.19
2
url pkg:pypi/ansible@2.9.18rc1
purl pkg:pypi/ansible@2.9.18rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4yvf-k192-9fca
1
vulnerability VCID-682j-e2pu-1uee
2
vulnerability VCID-atun-stks-4kcb
3
vulnerability VCID-axc3-wcsk-q3eg
4
vulnerability VCID-c1xg-s3kx-gkft
5
vulnerability VCID-dzdx-wae5-8ydy
6
vulnerability VCID-e3z2-ydhb-gqfg
7
vulnerability VCID-fj2p-7wkh-1fhq
8
vulnerability VCID-geaa-6dxx-tbcw
9
vulnerability VCID-js7k-ptm9-2yh1
10
vulnerability VCID-qbdk-hxhg-wbh4
11
vulnerability VCID-rg5d-st3d-nbah
12
vulnerability VCID-ujbp-cc1r-wfe9
13
vulnerability VCID-v3h9-1t69-v7a3
14
vulnerability VCID-xw8r-fn6y-mbhp
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.18rc1
3
url pkg:pypi/ansible@2.9.18
purl pkg:pypi/ansible@2.9.18
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4yvf-k192-9fca
1
vulnerability VCID-682j-e2pu-1uee
2
vulnerability VCID-axc3-wcsk-q3eg
3
vulnerability VCID-c1xg-s3kx-gkft
4
vulnerability VCID-dzdx-wae5-8ydy
5
vulnerability VCID-e3z2-ydhb-gqfg
6
vulnerability VCID-geaa-6dxx-tbcw
7
vulnerability VCID-qbdk-hxhg-wbh4
8
vulnerability VCID-rg5d-st3d-nbah
9
vulnerability VCID-ujbp-cc1r-wfe9
10
vulnerability VCID-v3h9-1t69-v7a3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.18
4
url pkg:pypi/ansible@2.10.7
purl pkg:pypi/ansible@2.10.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4yvf-k192-9fca
1
vulnerability VCID-682j-e2pu-1uee
2
vulnerability VCID-axc3-wcsk-q3eg
3
vulnerability VCID-qbdk-hxhg-wbh4
4
vulnerability VCID-ujbp-cc1r-wfe9
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.10.7
aliases CVE-2021-20191, GHSA-8f4m-hccc-8qph, PYSEC-2021-124
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xw8r-fn6y-mbhp
20
url VCID-yeea-n94x-qqch
vulnerability_id VCID-yeea-n94x-qqch
summary A flaw was found in the Ansible Engine when using module_args. Tasks executed with check mode (--check-mode) do not properly neutralize sensitive data exposed in the event data. This flaw allows unauthorized users to read this data. The highest threat from this vulnerability is to confidentiality.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14332.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14332.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-14332
reference_id
reference_type
scores
0
value 0.00149
scoring_system epss
scoring_elements 0.3539
published_at 2026-04-18T12:55:00Z
1
value 0.00149
scoring_system epss
scoring_elements 0.35401
published_at 2026-04-16T12:55:00Z
2
value 0.00149
scoring_system epss
scoring_elements 0.35362
published_at 2026-04-13T12:55:00Z
3
value 0.00149
scoring_system epss
scoring_elements 0.35384
published_at 2026-04-12T12:55:00Z
4
value 0.00149
scoring_system epss
scoring_elements 0.3542
published_at 2026-04-11T12:55:00Z
5
value 0.00149
scoring_system epss
scoring_elements 0.35419
published_at 2026-04-09T12:55:00Z
6
value 0.00149
scoring_system epss
scoring_elements 0.35394
published_at 2026-04-08T12:55:00Z
7
value 0.00149
scoring_system epss
scoring_elements 0.35348
published_at 2026-04-07T12:55:00Z
8
value 0.00149
scoring_system epss
scoring_elements 0.35465
published_at 2026-04-04T12:55:00Z
9
value 0.00149
scoring_system epss
scoring_elements 0.3544
published_at 2026-04-02T12:55:00Z
10
value 0.00149
scoring_system epss
scoring_elements 0.35239
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-14332
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14332
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14332
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10156
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10156
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10206
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10206
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14846
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14846
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14864
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14864
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14904
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14904
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10684
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10684
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10685
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10685
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10729
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10729
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14330
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14330
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14332
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14332
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14365
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14365
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1733
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1733
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1735
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1735
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1739
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1739
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1740
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1740
18
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1746
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1746
19
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1753
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1753
20
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20228
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20228
21
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
22
reference_url https://github.com/advisories/GHSA-j667-c2hm-f2wp
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-j667-c2hm-f2wp
23
reference_url https://github.com/ansible/ansible
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible
24
reference_url https://github.com/ansible/ansible/blob/stable-2.10/changelogs/CHANGELOG-v2.10.rst#security-fixes-3
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/blob/stable-2.10/changelogs/CHANGELOG-v2.10.rst#security-fixes-3
25
reference_url https://github.com/ansible/ansible/blob/stable-2.8/changelogs/CHANGELOG-v2.8.rst#security-fixes-4
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/blob/stable-2.8/changelogs/CHANGELOG-v2.8.rst#security-fixes-4
26
reference_url https://github.com/ansible/ansible/blob/stable-2.9/changelogs/CHANGELOG-v2.9.rst#security-fixes-6
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/blob/stable-2.9/changelogs/CHANGELOG-v2.9.rst#security-fixes-6
27
reference_url https://github.com/ansible/ansible/commit/291f94934c8c49eef85e6539087f2dfcd001fe4f
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/291f94934c8c49eef85e6539087f2dfcd001fe4f
28
reference_url https://github.com/ansible/ansible/commit/6cae9a4b168df776bf82deb04b2c62e00c38b49a
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/6cae9a4b168df776bf82deb04b2c62e00c38b49a
29
reference_url https://github.com/ansible/ansible/commit/714cd2ad2eff7f003d728414afcb91591fad5d9a
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/714cd2ad2eff7f003d728414afcb91591fad5d9a
30
reference_url https://github.com/ansible/ansible/pull/71033
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/pull/71033
31
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2020-4.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2020-4.yaml
32
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-14332
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-14332
33
reference_url https://www.debian.org/security/2021/dsa-4950
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2021/dsa-4950
34
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1857805
reference_id 1857805
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1857805
35
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=966672
reference_id 966672
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=966672
36
reference_url https://access.redhat.com/errata/RHSA-2020:3600
reference_id RHSA-2020:3600
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3600
fixed_packages
0
url pkg:pypi/ansible@2.8.14
purl pkg:pypi/ansible@2.8.14
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4yvf-k192-9fca
1
vulnerability VCID-682j-e2pu-1uee
2
vulnerability VCID-atun-stks-4kcb
3
vulnerability VCID-axc3-wcsk-q3eg
4
vulnerability VCID-c1xg-s3kx-gkft
5
vulnerability VCID-dzdx-wae5-8ydy
6
vulnerability VCID-e3z2-ydhb-gqfg
7
vulnerability VCID-fj2p-7wkh-1fhq
8
vulnerability VCID-geaa-6dxx-tbcw
9
vulnerability VCID-jrxz-b168-7ug4
10
vulnerability VCID-js7k-ptm9-2yh1
11
vulnerability VCID-qbdk-hxhg-wbh4
12
vulnerability VCID-rdwq-93d6-c7b4
13
vulnerability VCID-rg5d-st3d-nbah
14
vulnerability VCID-ujbp-cc1r-wfe9
15
vulnerability VCID-v3h9-1t69-v7a3
16
vulnerability VCID-x94k-nxyd-27gs
17
vulnerability VCID-xw8r-fn6y-mbhp
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.14
1
url pkg:pypi/ansible@2.9.12
purl pkg:pypi/ansible@2.9.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4yvf-k192-9fca
1
vulnerability VCID-682j-e2pu-1uee
2
vulnerability VCID-atun-stks-4kcb
3
vulnerability VCID-axc3-wcsk-q3eg
4
vulnerability VCID-c1xg-s3kx-gkft
5
vulnerability VCID-dzdx-wae5-8ydy
6
vulnerability VCID-e3z2-ydhb-gqfg
7
vulnerability VCID-fj2p-7wkh-1fhq
8
vulnerability VCID-geaa-6dxx-tbcw
9
vulnerability VCID-jrxz-b168-7ug4
10
vulnerability VCID-js7k-ptm9-2yh1
11
vulnerability VCID-qbdk-hxhg-wbh4
12
vulnerability VCID-rg5d-st3d-nbah
13
vulnerability VCID-ujbp-cc1r-wfe9
14
vulnerability VCID-v3h9-1t69-v7a3
15
vulnerability VCID-xw8r-fn6y-mbhp
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.12
2
url pkg:pypi/ansible@2.10.1rc2
purl pkg:pypi/ansible@2.10.1rc2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.10.1rc2
3
url pkg:pypi/ansible@2.10.1
purl pkg:pypi/ansible@2.10.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jy6-eqpn-wbce
1
vulnerability VCID-4yvf-k192-9fca
2
vulnerability VCID-682j-e2pu-1uee
3
vulnerability VCID-axc3-wcsk-q3eg
4
vulnerability VCID-e3z2-ydhb-gqfg
5
vulnerability VCID-qbdk-hxhg-wbh4
6
vulnerability VCID-ujbp-cc1r-wfe9
7
vulnerability VCID-xw8r-fn6y-mbhp
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.10.1
aliases CVE-2020-14332, GHSA-j667-c2hm-f2wp, PYSEC-2020-4
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yeea-n94x-qqch
Fixing_vulnerabilities
0
url VCID-ezaq-tqd3-4yd1
vulnerability_id VCID-ezaq-tqd3-4yd1
summary A security flaw was found in Ansible Engine, all Ansible 2.7.x versions prior to 2.7.17, all Ansible 2.8.x versions prior to 2.8.11 and all Ansible 2.9.x versions prior to 2.9.7, when managing kubernetes using the k8s module. Sensitive parameters such as passwords and tokens are passed to kubectl from the command line, not using an environment variable or an input configuration file. This will disclose passwords and tokens from process list and no_log directive from debug module would not have any effect making these secrets being disclosed on stdout and log files.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1753.json
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1753.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-1753
reference_id
reference_type
scores
0
value 0.00042
scoring_system epss
scoring_elements 0.1269
published_at 2026-04-18T12:55:00Z
1
value 0.00042
scoring_system epss
scoring_elements 0.12683
published_at 2026-04-16T12:55:00Z
2
value 0.00042
scoring_system epss
scoring_elements 0.1278
published_at 2026-04-13T12:55:00Z
3
value 0.00042
scoring_system epss
scoring_elements 0.12825
published_at 2026-04-12T12:55:00Z
4
value 0.00042
scoring_system epss
scoring_elements 0.12862
published_at 2026-04-11T12:55:00Z
5
value 0.00042
scoring_system epss
scoring_elements 0.12896
published_at 2026-04-09T12:55:00Z
6
value 0.00042
scoring_system epss
scoring_elements 0.12845
published_at 2026-04-08T12:55:00Z
7
value 0.00042
scoring_system epss
scoring_elements 0.12766
published_at 2026-04-07T12:55:00Z
8
value 0.00042
scoring_system epss
scoring_elements 0.12964
published_at 2026-04-04T12:55:00Z
9
value 0.00042
scoring_system epss
scoring_elements 0.12914
published_at 2026-04-02T12:55:00Z
10
value 0.00042
scoring_system epss
scoring_elements 0.12816
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-1753
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1753
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1753
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10156
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10156
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10206
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10206
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14846
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14846
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14864
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14864
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14904
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14904
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10684
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10684
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10685
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10685
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10729
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10729
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14330
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14330
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14332
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14332
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14365
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14365
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1733
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1733
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1735
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1735
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1739
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1739
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1740
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1740
18
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1746
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1746
19
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1753
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1753
20
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20228
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20228
21
reference_url https://github.com/advisories/GHSA-86hp-cj9j-33vv
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-86hp-cj9j-33vv
22
reference_url https://github.com/ansible/ansible/commit/04ba05e003b268b83df6c106ba5c0f08548b1380
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/04ba05e003b268b83df6c106ba5c0f08548b1380
23
reference_url https://github.com/ansible/ansible/commit/137caed836ef096945086cfe75dc11587b68db3a
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/137caed836ef096945086cfe75dc11587b68db3a
24
reference_url https://github.com/ansible/ansible/commit/273d8538dbe5a7b5c9954f1929d3bb00904c43f6
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/273d8538dbe5a7b5c9954f1929d3bb00904c43f6
25
reference_url https://github.com/ansible/ansible/pull/68195
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/pull/68195
26
reference_url https://github.com/ansible-collections/kubernetes
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible-collections/kubernetes
27
reference_url https://github.com/ansible-collections/kubernetes/pull/51
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible-collections/kubernetes/pull/51
28
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2020-210.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2020-210.yaml
29
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DKPA4KC3OJSUFASUYMG66HKJE7ADNGFW/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DKPA4KC3OJSUFASUYMG66HKJE7ADNGFW/
30
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRRYUU5ZBLPBXCYG6CFP35D64NP2UB2S/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRRYUU5ZBLPBXCYG6CFP35D64NP2UB2S/
31
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WQVOQD4VAIXXTVQAJKTN7NUGTJFE2PCB/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WQVOQD4VAIXXTVQAJKTN7NUGTJFE2PCB/
32
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DKPA4KC3OJSUFASUYMG66HKJE7ADNGFW
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DKPA4KC3OJSUFASUYMG66HKJE7ADNGFW
33
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DKPA4KC3OJSUFASUYMG66HKJE7ADNGFW/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DKPA4KC3OJSUFASUYMG66HKJE7ADNGFW/
34
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRRYUU5ZBLPBXCYG6CFP35D64NP2UB2S
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRRYUU5ZBLPBXCYG6CFP35D64NP2UB2S
35
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRRYUU5ZBLPBXCYG6CFP35D64NP2UB2S/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRRYUU5ZBLPBXCYG6CFP35D64NP2UB2S/
36
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WQVOQD4VAIXXTVQAJKTN7NUGTJFE2PCB
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WQVOQD4VAIXXTVQAJKTN7NUGTJFE2PCB
37
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WQVOQD4VAIXXTVQAJKTN7NUGTJFE2PCB/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WQVOQD4VAIXXTVQAJKTN7NUGTJFE2PCB/
38
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-1753
reference_id
reference_type
scores
0
value 2.1
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:N/C:P/I:N/A:N
1
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
2
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
3
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
4
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-1753
39
reference_url https://security.gentoo.org/glsa/202006-11
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202006-11
40
reference_url https://www.debian.org/security/2021/dsa-4950
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2021/dsa-4950
41
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1811008
reference_id 1811008
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1811008
42
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_engine:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:ansible_engine:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_engine:*:*:*:*:*:*:*:*
43
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_tower:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:ansible_tower:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_tower:*:*:*:*:*:*:*:*
44
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
45
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
46
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
47
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
48
reference_url https://access.redhat.com/errata/RHSA-2020:1541
reference_id RHSA-2020:1541
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1541
49
reference_url https://access.redhat.com/errata/RHSA-2020:1542
reference_id RHSA-2020:1542
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1542
50
reference_url https://access.redhat.com/errata/RHSA-2020:2142
reference_id RHSA-2020:2142
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2142
fixed_packages
0
url pkg:pypi/ansible@2.7.17
purl pkg:pypi/ansible@2.7.17
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4yvf-k192-9fca
1
vulnerability VCID-682j-e2pu-1uee
2
vulnerability VCID-atun-stks-4kcb
3
vulnerability VCID-axc3-wcsk-q3eg
4
vulnerability VCID-c1xg-s3kx-gkft
5
vulnerability VCID-dzdx-wae5-8ydy
6
vulnerability VCID-e3z2-ydhb-gqfg
7
vulnerability VCID-ezaq-tqd3-4yd1
8
vulnerability VCID-fj2p-7wkh-1fhq
9
vulnerability VCID-geaa-6dxx-tbcw
10
vulnerability VCID-jnmu-c8dt-5yb6
11
vulnerability VCID-js7k-ptm9-2yh1
12
vulnerability VCID-qbdk-hxhg-wbh4
13
vulnerability VCID-r6bb-p28b-8fcn
14
vulnerability VCID-rdwq-93d6-c7b4
15
vulnerability VCID-rg5d-st3d-nbah
16
vulnerability VCID-ujbp-cc1r-wfe9
17
vulnerability VCID-v3h9-1t69-v7a3
18
vulnerability VCID-whyk-3ynn-zyf4
19
vulnerability VCID-x94k-nxyd-27gs
20
vulnerability VCID-xw8r-fn6y-mbhp
21
vulnerability VCID-yeea-n94x-qqch
22
vulnerability VCID-zzzs-scbg-bbe9
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.7.17
1
url pkg:pypi/ansible@2.7.18
purl pkg:pypi/ansible@2.7.18
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4yvf-k192-9fca
1
vulnerability VCID-682j-e2pu-1uee
2
vulnerability VCID-atun-stks-4kcb
3
vulnerability VCID-axc3-wcsk-q3eg
4
vulnerability VCID-c1xg-s3kx-gkft
5
vulnerability VCID-dzdx-wae5-8ydy
6
vulnerability VCID-e3z2-ydhb-gqfg
7
vulnerability VCID-fj2p-7wkh-1fhq
8
vulnerability VCID-geaa-6dxx-tbcw
9
vulnerability VCID-jnmu-c8dt-5yb6
10
vulnerability VCID-js7k-ptm9-2yh1
11
vulnerability VCID-qbdk-hxhg-wbh4
12
vulnerability VCID-r6bb-p28b-8fcn
13
vulnerability VCID-rdwq-93d6-c7b4
14
vulnerability VCID-rg5d-st3d-nbah
15
vulnerability VCID-ujbp-cc1r-wfe9
16
vulnerability VCID-v3h9-1t69-v7a3
17
vulnerability VCID-whyk-3ynn-zyf4
18
vulnerability VCID-x94k-nxyd-27gs
19
vulnerability VCID-xw8r-fn6y-mbhp
20
vulnerability VCID-yeea-n94x-qqch
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.7.18
2
url pkg:pypi/ansible@2.8.0a1
purl pkg:pypi/ansible@2.8.0a1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4yvf-k192-9fca
1
vulnerability VCID-682j-e2pu-1uee
2
vulnerability VCID-a49n-tvnt-p3df
3
vulnerability VCID-ae1r-yq1g-rkem
4
vulnerability VCID-atun-stks-4kcb
5
vulnerability VCID-axc3-wcsk-q3eg
6
vulnerability VCID-b8zs-br97-57av
7
vulnerability VCID-c1xg-s3kx-gkft
8
vulnerability VCID-d4ka-dk4p-kfhb
9
vulnerability VCID-d7ez-s7qb-p3ay
10
vulnerability VCID-dzdx-wae5-8ydy
11
vulnerability VCID-e3z2-ydhb-gqfg
12
vulnerability VCID-ezaq-tqd3-4yd1
13
vulnerability VCID-ezux-6buh-h7h7
14
vulnerability VCID-fj2p-7wkh-1fhq
15
vulnerability VCID-geaa-6dxx-tbcw
16
vulnerability VCID-h1n3-cmte-eugf
17
vulnerability VCID-hqar-fca3-cbht
18
vulnerability VCID-jnmu-c8dt-5yb6
19
vulnerability VCID-jrxz-b168-7ug4
20
vulnerability VCID-js7k-ptm9-2yh1
21
vulnerability VCID-kb5h-116p-33b4
22
vulnerability VCID-nukv-kkws-xkb1
23
vulnerability VCID-qbdk-hxhg-wbh4
24
vulnerability VCID-r6bb-p28b-8fcn
25
vulnerability VCID-rdwq-93d6-c7b4
26
vulnerability VCID-rg5d-st3d-nbah
27
vulnerability VCID-uhg5-zpzt-e3gz
28
vulnerability VCID-ujbp-cc1r-wfe9
29
vulnerability VCID-v3h9-1t69-v7a3
30
vulnerability VCID-whyk-3ynn-zyf4
31
vulnerability VCID-x5e2-7whc-v3fc
32
vulnerability VCID-x94k-nxyd-27gs
33
vulnerability VCID-xg2f-12w4-yqge
34
vulnerability VCID-xw8r-fn6y-mbhp
35
vulnerability VCID-yeea-n94x-qqch
36
vulnerability VCID-yur3-am6j-w7ay
37
vulnerability VCID-zzzs-scbg-bbe9
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.0a1
3
url pkg:pypi/ansible@2.8.9
purl pkg:pypi/ansible@2.8.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4yvf-k192-9fca
1
vulnerability VCID-682j-e2pu-1uee
2
vulnerability VCID-atun-stks-4kcb
3
vulnerability VCID-axc3-wcsk-q3eg
4
vulnerability VCID-b8zs-br97-57av
5
vulnerability VCID-c1xg-s3kx-gkft
6
vulnerability VCID-d7ez-s7qb-p3ay
7
vulnerability VCID-dzdx-wae5-8ydy
8
vulnerability VCID-e3z2-ydhb-gqfg
9
vulnerability VCID-ezaq-tqd3-4yd1
10
vulnerability VCID-ezux-6buh-h7h7
11
vulnerability VCID-fj2p-7wkh-1fhq
12
vulnerability VCID-geaa-6dxx-tbcw
13
vulnerability VCID-h1n3-cmte-eugf
14
vulnerability VCID-hqar-fca3-cbht
15
vulnerability VCID-jrxz-b168-7ug4
16
vulnerability VCID-js7k-ptm9-2yh1
17
vulnerability VCID-qbdk-hxhg-wbh4
18
vulnerability VCID-rdwq-93d6-c7b4
19
vulnerability VCID-rg5d-st3d-nbah
20
vulnerability VCID-ujbp-cc1r-wfe9
21
vulnerability VCID-v3h9-1t69-v7a3
22
vulnerability VCID-whyk-3ynn-zyf4
23
vulnerability VCID-x94k-nxyd-27gs
24
vulnerability VCID-xg2f-12w4-yqge
25
vulnerability VCID-xw8r-fn6y-mbhp
26
vulnerability VCID-yeea-n94x-qqch
27
vulnerability VCID-yur3-am6j-w7ay
28
vulnerability VCID-zzzs-scbg-bbe9
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.9
4
url pkg:pypi/ansible@2.8.11
purl pkg:pypi/ansible@2.8.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4yvf-k192-9fca
1
vulnerability VCID-682j-e2pu-1uee
2
vulnerability VCID-atun-stks-4kcb
3
vulnerability VCID-axc3-wcsk-q3eg
4
vulnerability VCID-c1xg-s3kx-gkft
5
vulnerability VCID-dzdx-wae5-8ydy
6
vulnerability VCID-e3z2-ydhb-gqfg
7
vulnerability VCID-ezaq-tqd3-4yd1
8
vulnerability VCID-fj2p-7wkh-1fhq
9
vulnerability VCID-geaa-6dxx-tbcw
10
vulnerability VCID-jrxz-b168-7ug4
11
vulnerability VCID-js7k-ptm9-2yh1
12
vulnerability VCID-qbdk-hxhg-wbh4
13
vulnerability VCID-rdwq-93d6-c7b4
14
vulnerability VCID-rg5d-st3d-nbah
15
vulnerability VCID-ujbp-cc1r-wfe9
16
vulnerability VCID-v3h9-1t69-v7a3
17
vulnerability VCID-whyk-3ynn-zyf4
18
vulnerability VCID-x94k-nxyd-27gs
19
vulnerability VCID-xw8r-fn6y-mbhp
20
vulnerability VCID-yeea-n94x-qqch
21
vulnerability VCID-zzzs-scbg-bbe9
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.11
5
url pkg:pypi/ansible@2.8.12
purl pkg:pypi/ansible@2.8.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4yvf-k192-9fca
1
vulnerability VCID-682j-e2pu-1uee
2
vulnerability VCID-atun-stks-4kcb
3
vulnerability VCID-axc3-wcsk-q3eg
4
vulnerability VCID-c1xg-s3kx-gkft
5
vulnerability VCID-dzdx-wae5-8ydy
6
vulnerability VCID-e3z2-ydhb-gqfg
7
vulnerability VCID-fj2p-7wkh-1fhq
8
vulnerability VCID-geaa-6dxx-tbcw
9
vulnerability VCID-jrxz-b168-7ug4
10
vulnerability VCID-js7k-ptm9-2yh1
11
vulnerability VCID-qbdk-hxhg-wbh4
12
vulnerability VCID-rdwq-93d6-c7b4
13
vulnerability VCID-rg5d-st3d-nbah
14
vulnerability VCID-ujbp-cc1r-wfe9
15
vulnerability VCID-v3h9-1t69-v7a3
16
vulnerability VCID-whyk-3ynn-zyf4
17
vulnerability VCID-x94k-nxyd-27gs
18
vulnerability VCID-xw8r-fn6y-mbhp
19
vulnerability VCID-yeea-n94x-qqch
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.12
6
url pkg:pypi/ansible@2.9.6
purl pkg:pypi/ansible@2.9.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3jej-4jyp-cqbt
1
vulnerability VCID-4yvf-k192-9fca
2
vulnerability VCID-682j-e2pu-1uee
3
vulnerability VCID-atun-stks-4kcb
4
vulnerability VCID-axc3-wcsk-q3eg
5
vulnerability VCID-b8zs-br97-57av
6
vulnerability VCID-c1xg-s3kx-gkft
7
vulnerability VCID-d7ez-s7qb-p3ay
8
vulnerability VCID-dzdx-wae5-8ydy
9
vulnerability VCID-e3z2-ydhb-gqfg
10
vulnerability VCID-ezaq-tqd3-4yd1
11
vulnerability VCID-ezux-6buh-h7h7
12
vulnerability VCID-fj2p-7wkh-1fhq
13
vulnerability VCID-geaa-6dxx-tbcw
14
vulnerability VCID-h1n3-cmte-eugf
15
vulnerability VCID-hqar-fca3-cbht
16
vulnerability VCID-jrxz-b168-7ug4
17
vulnerability VCID-js7k-ptm9-2yh1
18
vulnerability VCID-qbdk-hxhg-wbh4
19
vulnerability VCID-rdwq-93d6-c7b4
20
vulnerability VCID-rg5d-st3d-nbah
21
vulnerability VCID-ujbp-cc1r-wfe9
22
vulnerability VCID-v3h9-1t69-v7a3
23
vulnerability VCID-whyk-3ynn-zyf4
24
vulnerability VCID-xg2f-12w4-yqge
25
vulnerability VCID-xw8r-fn6y-mbhp
26
vulnerability VCID-yeea-n94x-qqch
27
vulnerability VCID-yur3-am6j-w7ay
28
vulnerability VCID-zzzs-scbg-bbe9
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.6
7
url pkg:pypi/ansible@2.9.7
purl pkg:pypi/ansible@2.9.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4yvf-k192-9fca
1
vulnerability VCID-682j-e2pu-1uee
2
vulnerability VCID-atun-stks-4kcb
3
vulnerability VCID-axc3-wcsk-q3eg
4
vulnerability VCID-c1xg-s3kx-gkft
5
vulnerability VCID-dzdx-wae5-8ydy
6
vulnerability VCID-e3z2-ydhb-gqfg
7
vulnerability VCID-fj2p-7wkh-1fhq
8
vulnerability VCID-geaa-6dxx-tbcw
9
vulnerability VCID-jrxz-b168-7ug4
10
vulnerability VCID-js7k-ptm9-2yh1
11
vulnerability VCID-qbdk-hxhg-wbh4
12
vulnerability VCID-rdwq-93d6-c7b4
13
vulnerability VCID-rg5d-st3d-nbah
14
vulnerability VCID-ujbp-cc1r-wfe9
15
vulnerability VCID-v3h9-1t69-v7a3
16
vulnerability VCID-whyk-3ynn-zyf4
17
vulnerability VCID-xw8r-fn6y-mbhp
18
vulnerability VCID-yeea-n94x-qqch
19
vulnerability VCID-zzzs-scbg-bbe9
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.7
aliases CVE-2020-1753, GHSA-86hp-cj9j-33vv, PYSEC-2020-210
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ezaq-tqd3-4yd1
1
url VCID-zzzs-scbg-bbe9
vulnerability_id VCID-zzzs-scbg-bbe9
summary A flaw was found in the Ansible Engine when the fetch module is used. An attacker could intercept the module, inject a new path, and then choose a new destination path on the controller node. All versions in 2.7.x, 2.8.x and 2.9.x branches are believed to be vulnerable.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1735.json
reference_id
reference_type
scores
0
value 4.2
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1735.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-1735
reference_id
reference_type
scores
0
value 0.00155
scoring_system epss
scoring_elements 0.36313
published_at 2026-04-18T12:55:00Z
1
value 0.00155
scoring_system epss
scoring_elements 0.36329
published_at 2026-04-16T12:55:00Z
2
value 0.00155
scoring_system epss
scoring_elements 0.36287
published_at 2026-04-13T12:55:00Z
3
value 0.00155
scoring_system epss
scoring_elements 0.36308
published_at 2026-04-12T12:55:00Z
4
value 0.00155
scoring_system epss
scoring_elements 0.36344
published_at 2026-04-11T12:55:00Z
5
value 0.00155
scoring_system epss
scoring_elements 0.36206
published_at 2026-04-01T12:55:00Z
6
value 0.00155
scoring_system epss
scoring_elements 0.36316
published_at 2026-04-08T12:55:00Z
7
value 0.00155
scoring_system epss
scoring_elements 0.36268
published_at 2026-04-07T12:55:00Z
8
value 0.00155
scoring_system epss
scoring_elements 0.36433
published_at 2026-04-04T12:55:00Z
9
value 0.00155
scoring_system epss
scoring_elements 0.364
published_at 2026-04-02T12:55:00Z
10
value 0.00155
scoring_system epss
scoring_elements 0.36338
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-1735
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1735
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N
1
value 4.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1735
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10156
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10156
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10206
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10206
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14846
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14846
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14864
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14864
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14904
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14904
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10684
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10684
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10685
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10685
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10729
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10729
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14330
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14330
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14332
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14332
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14365
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14365
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1733
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1733
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1735
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1735
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1739
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1739
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1740
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1740
18
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1746
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1746
19
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1753
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1753
20
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20228
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20228
21
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
22
reference_url https://github.com/advisories/GHSA-gfr2-qpxh-qj9m
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value 4.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-gfr2-qpxh-qj9m
23
reference_url https://github.com/ansible/ansible
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N
1
value 4.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible
24
reference_url https://github.com/ansible/ansible/blob/stable-2.9/changelogs/CHANGELOG-v2.9.rst#security-fixes-7
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N
1
value 4.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/blob/stable-2.9/changelogs/CHANGELOG-v2.9.rst#security-fixes-7
25
reference_url https://github.com/ansible/ansible/commit/18f91bbb88a84b1d3614ef41c3550da735592ac1
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N
1
value 4.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/18f91bbb88a84b1d3614ef41c3550da735592ac1
26
reference_url https://github.com/ansible/ansible/commit/40969ff43812fabf5397f818d9e521f9b39c9c9a
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N
1
value 4.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/40969ff43812fabf5397f818d9e521f9b39c9c9a
27
reference_url https://github.com/ansible/ansible/commit/de9a4f5474c5f5db442ae7493d6b5da7177e335d
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N
1
value 4.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/de9a4f5474c5f5db442ae7493d6b5da7177e335d
28
reference_url https://github.com/ansible/ansible/issues/67793
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N
1
value 4.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/issues/67793
29
reference_url https://github.com/ansible/ansible/pull/69023
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N
1
value 4.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/pull/69023
30
reference_url https://github.com/ansible/ansible/pull/69024
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N
1
value 4.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/pull/69024
31
reference_url https://github.com/ansible/ansible/pull/69025
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N
1
value 4.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/pull/69025
32
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2020-7.yaml
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N
1
value 4.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2020-7.yaml
33
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DKPA4KC3OJSUFASUYMG66HKJE7ADNGFW/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DKPA4KC3OJSUFASUYMG66HKJE7ADNGFW/
34
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRRYUU5ZBLPBXCYG6CFP35D64NP2UB2S/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRRYUU5ZBLPBXCYG6CFP35D64NP2UB2S/
35
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WQVOQD4VAIXXTVQAJKTN7NUGTJFE2PCB/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WQVOQD4VAIXXTVQAJKTN7NUGTJFE2PCB/
36
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DKPA4KC3OJSUFASUYMG66HKJE7ADNGFW
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N
1
value 4.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DKPA4KC3OJSUFASUYMG66HKJE7ADNGFW
37
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DKPA4KC3OJSUFASUYMG66HKJE7ADNGFW/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DKPA4KC3OJSUFASUYMG66HKJE7ADNGFW/
38
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRRYUU5ZBLPBXCYG6CFP35D64NP2UB2S
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N
1
value 4.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRRYUU5ZBLPBXCYG6CFP35D64NP2UB2S
39
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRRYUU5ZBLPBXCYG6CFP35D64NP2UB2S/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRRYUU5ZBLPBXCYG6CFP35D64NP2UB2S/
40
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WQVOQD4VAIXXTVQAJKTN7NUGTJFE2PCB
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N
1
value 4.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WQVOQD4VAIXXTVQAJKTN7NUGTJFE2PCB
41
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WQVOQD4VAIXXTVQAJKTN7NUGTJFE2PCB/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WQVOQD4VAIXXTVQAJKTN7NUGTJFE2PCB/
42
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-1735
reference_id
reference_type
scores
0
value 3.6
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:N/C:P/I:P/A:N
1
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
2
value 4.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N
3
value 4.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
4
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-1735
43
reference_url https://security.gentoo.org/glsa/202006-11
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N
1
value 4.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202006-11
44
reference_url https://www.debian.org/security/2021/dsa-4950
reference_id
reference_type
scores
url https://www.debian.org/security/2021/dsa-4950
45
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1802085
reference_id 1802085
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1802085
46
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:ansible:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible:*:*:*:*:*:*:*:*
47
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_tower:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:ansible_tower:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_tower:*:*:*:*:*:*:*:*
48
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:cloudforms_management_engine:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:cloudforms_management_engine:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:cloudforms_management_engine:5.0:*:*:*:*:*:*:*
49
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*
50
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
51
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
52
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
53
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
54
reference_url https://access.redhat.com/errata/RHSA-2020:1541
reference_id RHSA-2020:1541
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1541
55
reference_url https://access.redhat.com/errata/RHSA-2020:1542
reference_id RHSA-2020:1542
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1542
56
reference_url https://access.redhat.com/errata/RHSA-2020:1543
reference_id RHSA-2020:1543
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1543
57
reference_url https://access.redhat.com/errata/RHSA-2020:1544
reference_id RHSA-2020:1544
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1544
fixed_packages
0
url pkg:pypi/ansible@2.7.17
purl pkg:pypi/ansible@2.7.17
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4yvf-k192-9fca
1
vulnerability VCID-682j-e2pu-1uee
2
vulnerability VCID-atun-stks-4kcb
3
vulnerability VCID-axc3-wcsk-q3eg
4
vulnerability VCID-c1xg-s3kx-gkft
5
vulnerability VCID-dzdx-wae5-8ydy
6
vulnerability VCID-e3z2-ydhb-gqfg
7
vulnerability VCID-ezaq-tqd3-4yd1
8
vulnerability VCID-fj2p-7wkh-1fhq
9
vulnerability VCID-geaa-6dxx-tbcw
10
vulnerability VCID-jnmu-c8dt-5yb6
11
vulnerability VCID-js7k-ptm9-2yh1
12
vulnerability VCID-qbdk-hxhg-wbh4
13
vulnerability VCID-r6bb-p28b-8fcn
14
vulnerability VCID-rdwq-93d6-c7b4
15
vulnerability VCID-rg5d-st3d-nbah
16
vulnerability VCID-ujbp-cc1r-wfe9
17
vulnerability VCID-v3h9-1t69-v7a3
18
vulnerability VCID-whyk-3ynn-zyf4
19
vulnerability VCID-x94k-nxyd-27gs
20
vulnerability VCID-xw8r-fn6y-mbhp
21
vulnerability VCID-yeea-n94x-qqch
22
vulnerability VCID-zzzs-scbg-bbe9
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.7.17
1
url pkg:pypi/ansible@2.7.18
purl pkg:pypi/ansible@2.7.18
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4yvf-k192-9fca
1
vulnerability VCID-682j-e2pu-1uee
2
vulnerability VCID-atun-stks-4kcb
3
vulnerability VCID-axc3-wcsk-q3eg
4
vulnerability VCID-c1xg-s3kx-gkft
5
vulnerability VCID-dzdx-wae5-8ydy
6
vulnerability VCID-e3z2-ydhb-gqfg
7
vulnerability VCID-fj2p-7wkh-1fhq
8
vulnerability VCID-geaa-6dxx-tbcw
9
vulnerability VCID-jnmu-c8dt-5yb6
10
vulnerability VCID-js7k-ptm9-2yh1
11
vulnerability VCID-qbdk-hxhg-wbh4
12
vulnerability VCID-r6bb-p28b-8fcn
13
vulnerability VCID-rdwq-93d6-c7b4
14
vulnerability VCID-rg5d-st3d-nbah
15
vulnerability VCID-ujbp-cc1r-wfe9
16
vulnerability VCID-v3h9-1t69-v7a3
17
vulnerability VCID-whyk-3ynn-zyf4
18
vulnerability VCID-x94k-nxyd-27gs
19
vulnerability VCID-xw8r-fn6y-mbhp
20
vulnerability VCID-yeea-n94x-qqch
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.7.18
2
url pkg:pypi/ansible@2.8.0a1
purl pkg:pypi/ansible@2.8.0a1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4yvf-k192-9fca
1
vulnerability VCID-682j-e2pu-1uee
2
vulnerability VCID-a49n-tvnt-p3df
3
vulnerability VCID-ae1r-yq1g-rkem
4
vulnerability VCID-atun-stks-4kcb
5
vulnerability VCID-axc3-wcsk-q3eg
6
vulnerability VCID-b8zs-br97-57av
7
vulnerability VCID-c1xg-s3kx-gkft
8
vulnerability VCID-d4ka-dk4p-kfhb
9
vulnerability VCID-d7ez-s7qb-p3ay
10
vulnerability VCID-dzdx-wae5-8ydy
11
vulnerability VCID-e3z2-ydhb-gqfg
12
vulnerability VCID-ezaq-tqd3-4yd1
13
vulnerability VCID-ezux-6buh-h7h7
14
vulnerability VCID-fj2p-7wkh-1fhq
15
vulnerability VCID-geaa-6dxx-tbcw
16
vulnerability VCID-h1n3-cmte-eugf
17
vulnerability VCID-hqar-fca3-cbht
18
vulnerability VCID-jnmu-c8dt-5yb6
19
vulnerability VCID-jrxz-b168-7ug4
20
vulnerability VCID-js7k-ptm9-2yh1
21
vulnerability VCID-kb5h-116p-33b4
22
vulnerability VCID-nukv-kkws-xkb1
23
vulnerability VCID-qbdk-hxhg-wbh4
24
vulnerability VCID-r6bb-p28b-8fcn
25
vulnerability VCID-rdwq-93d6-c7b4
26
vulnerability VCID-rg5d-st3d-nbah
27
vulnerability VCID-uhg5-zpzt-e3gz
28
vulnerability VCID-ujbp-cc1r-wfe9
29
vulnerability VCID-v3h9-1t69-v7a3
30
vulnerability VCID-whyk-3ynn-zyf4
31
vulnerability VCID-x5e2-7whc-v3fc
32
vulnerability VCID-x94k-nxyd-27gs
33
vulnerability VCID-xg2f-12w4-yqge
34
vulnerability VCID-xw8r-fn6y-mbhp
35
vulnerability VCID-yeea-n94x-qqch
36
vulnerability VCID-yur3-am6j-w7ay
37
vulnerability VCID-zzzs-scbg-bbe9
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.0a1
3
url pkg:pypi/ansible@2.8.9
purl pkg:pypi/ansible@2.8.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4yvf-k192-9fca
1
vulnerability VCID-682j-e2pu-1uee
2
vulnerability VCID-atun-stks-4kcb
3
vulnerability VCID-axc3-wcsk-q3eg
4
vulnerability VCID-b8zs-br97-57av
5
vulnerability VCID-c1xg-s3kx-gkft
6
vulnerability VCID-d7ez-s7qb-p3ay
7
vulnerability VCID-dzdx-wae5-8ydy
8
vulnerability VCID-e3z2-ydhb-gqfg
9
vulnerability VCID-ezaq-tqd3-4yd1
10
vulnerability VCID-ezux-6buh-h7h7
11
vulnerability VCID-fj2p-7wkh-1fhq
12
vulnerability VCID-geaa-6dxx-tbcw
13
vulnerability VCID-h1n3-cmte-eugf
14
vulnerability VCID-hqar-fca3-cbht
15
vulnerability VCID-jrxz-b168-7ug4
16
vulnerability VCID-js7k-ptm9-2yh1
17
vulnerability VCID-qbdk-hxhg-wbh4
18
vulnerability VCID-rdwq-93d6-c7b4
19
vulnerability VCID-rg5d-st3d-nbah
20
vulnerability VCID-ujbp-cc1r-wfe9
21
vulnerability VCID-v3h9-1t69-v7a3
22
vulnerability VCID-whyk-3ynn-zyf4
23
vulnerability VCID-x94k-nxyd-27gs
24
vulnerability VCID-xg2f-12w4-yqge
25
vulnerability VCID-xw8r-fn6y-mbhp
26
vulnerability VCID-yeea-n94x-qqch
27
vulnerability VCID-yur3-am6j-w7ay
28
vulnerability VCID-zzzs-scbg-bbe9
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.9
4
url pkg:pypi/ansible@2.8.12
purl pkg:pypi/ansible@2.8.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4yvf-k192-9fca
1
vulnerability VCID-682j-e2pu-1uee
2
vulnerability VCID-atun-stks-4kcb
3
vulnerability VCID-axc3-wcsk-q3eg
4
vulnerability VCID-c1xg-s3kx-gkft
5
vulnerability VCID-dzdx-wae5-8ydy
6
vulnerability VCID-e3z2-ydhb-gqfg
7
vulnerability VCID-fj2p-7wkh-1fhq
8
vulnerability VCID-geaa-6dxx-tbcw
9
vulnerability VCID-jrxz-b168-7ug4
10
vulnerability VCID-js7k-ptm9-2yh1
11
vulnerability VCID-qbdk-hxhg-wbh4
12
vulnerability VCID-rdwq-93d6-c7b4
13
vulnerability VCID-rg5d-st3d-nbah
14
vulnerability VCID-ujbp-cc1r-wfe9
15
vulnerability VCID-v3h9-1t69-v7a3
16
vulnerability VCID-whyk-3ynn-zyf4
17
vulnerability VCID-x94k-nxyd-27gs
18
vulnerability VCID-xw8r-fn6y-mbhp
19
vulnerability VCID-yeea-n94x-qqch
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.12
5
url pkg:pypi/ansible@2.9.6
purl pkg:pypi/ansible@2.9.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3jej-4jyp-cqbt
1
vulnerability VCID-4yvf-k192-9fca
2
vulnerability VCID-682j-e2pu-1uee
3
vulnerability VCID-atun-stks-4kcb
4
vulnerability VCID-axc3-wcsk-q3eg
5
vulnerability VCID-b8zs-br97-57av
6
vulnerability VCID-c1xg-s3kx-gkft
7
vulnerability VCID-d7ez-s7qb-p3ay
8
vulnerability VCID-dzdx-wae5-8ydy
9
vulnerability VCID-e3z2-ydhb-gqfg
10
vulnerability VCID-ezaq-tqd3-4yd1
11
vulnerability VCID-ezux-6buh-h7h7
12
vulnerability VCID-fj2p-7wkh-1fhq
13
vulnerability VCID-geaa-6dxx-tbcw
14
vulnerability VCID-h1n3-cmte-eugf
15
vulnerability VCID-hqar-fca3-cbht
16
vulnerability VCID-jrxz-b168-7ug4
17
vulnerability VCID-js7k-ptm9-2yh1
18
vulnerability VCID-qbdk-hxhg-wbh4
19
vulnerability VCID-rdwq-93d6-c7b4
20
vulnerability VCID-rg5d-st3d-nbah
21
vulnerability VCID-ujbp-cc1r-wfe9
22
vulnerability VCID-v3h9-1t69-v7a3
23
vulnerability VCID-whyk-3ynn-zyf4
24
vulnerability VCID-xg2f-12w4-yqge
25
vulnerability VCID-xw8r-fn6y-mbhp
26
vulnerability VCID-yeea-n94x-qqch
27
vulnerability VCID-yur3-am6j-w7ay
28
vulnerability VCID-zzzs-scbg-bbe9
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.6
6
url pkg:pypi/ansible@2.9.8
purl pkg:pypi/ansible@2.9.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4yvf-k192-9fca
1
vulnerability VCID-682j-e2pu-1uee
2
vulnerability VCID-atun-stks-4kcb
3
vulnerability VCID-axc3-wcsk-q3eg
4
vulnerability VCID-c1xg-s3kx-gkft
5
vulnerability VCID-dzdx-wae5-8ydy
6
vulnerability VCID-e3z2-ydhb-gqfg
7
vulnerability VCID-fj2p-7wkh-1fhq
8
vulnerability VCID-geaa-6dxx-tbcw
9
vulnerability VCID-jrxz-b168-7ug4
10
vulnerability VCID-js7k-ptm9-2yh1
11
vulnerability VCID-qbdk-hxhg-wbh4
12
vulnerability VCID-rdwq-93d6-c7b4
13
vulnerability VCID-rg5d-st3d-nbah
14
vulnerability VCID-ujbp-cc1r-wfe9
15
vulnerability VCID-v3h9-1t69-v7a3
16
vulnerability VCID-whyk-3ynn-zyf4
17
vulnerability VCID-xw8r-fn6y-mbhp
18
vulnerability VCID-yeea-n94x-qqch
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.8
aliases CVE-2020-1735, GHSA-gfr2-qpxh-qj9m, PYSEC-2020-7
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zzzs-scbg-bbe9
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.7.18