VulnerableCode Package Details - pkg:deb/debian/ansible-core@2.12.0-1?distro=trixie

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-axc3-wcsk-q3eg	A flaw was found in Ansible, where a user's controller is vulnerable to template injection. This issue can occur through facts used in the template if the user is trying to put templates in multi-line YAML strings and the facts being handled do not routinely include special template characters. This flaw allows attackers to perform command injection, which discloses sensitive information. The highest threat from this vulnerability is to confidentiality and integrity.	CVE-2021-3583 GHSA-2pfh-q76x-gwvm PYSEC-2021-358
VCID-geaa-6dxx-tbcw	A flaw was found in Ansible Engine's ansible-connection module, where sensitive information such as the Ansible user credentials is disclosed by default in the traceback error message. The highest threat from this vulnerability is to confidentiality.	CVE-2021-3620 GHSA-4r65-35qq-ch8j PYSEC-2022-164

Vulnerability

Summary

Aliases

VCID-axc3-wcsk-q3eg

A flaw was found in Ansible, where a user's controller is vulnerable to template injection. This issue can occur through facts used in the template if the user is trying to put templates in multi-line YAML strings and the facts being handled do not routinely include special template characters. This flaw allows attackers to perform command injection, which discloses sensitive information. The highest threat from this vulnerability is to confidentiality and integrity.

CVE-2021-3583
GHSA-2pfh-q76x-gwvm
PYSEC-2021-358

VCID-geaa-6dxx-tbcw

A flaw was found in Ansible Engine's ansible-connection module, where sensitive information such as the Ansible user credentials is disclosed by default in the traceback error message. The highest threat from this vulnerability is to confidentiality.

CVE-2021-3620
GHSA-4r65-35qq-ch8j
PYSEC-2022-164

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T10:50:01.980152+00:00	Debian Importer	Fixing	VCID-axc3-wcsk-q3eg	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T10:23:29.673130+00:00	Debian Importer	Fixing	VCID-geaa-6dxx-tbcw	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-13T07:20:02.772406+00:00	Debian Importer	Fixing	VCID-axc3-wcsk-q3eg	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T07:00:09.514683+00:00	Debian Importer	Fixing	VCID-geaa-6dxx-tbcw	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-02T17:09:34.830994+00:00	Debian Importer	Fixing	VCID-axc3-wcsk-q3eg	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-02T17:07:59.017826+00:00	Debian Importer	Fixing	VCID-geaa-6dxx-tbcw	https://security-tracker.debian.org/tracker/data/json	38.1.0