Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/ansible@1.5.5%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/ansible@1.5.5%2Bdfsg-1?distro=trixie
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (4)
Vulnerability Summary Aliases
VCID-c22m-1buy-3uc5 The vault subsystem in Ansible before 1.5.5 does not set the umask before creation or modification of a vault file, which allows local users to obtain sensitive key information by reading a file. CVE-2014-4658
GHSA-5g4v-2pc6-4hh4
PYSEC-2020-200
VCID-jwsu-7znb-kueg Ansible before 1.5.5 constructs filenames containing user and password fields on the basis of deb lines in sources.list, which might allow local users to obtain sensitive credential information in opportunistic circumstances by leveraging existence of a file that uses the "deb http://user:pass@server:port/" format. CVE-2014-4660
GHSA-5xm4-jmpw-p6j3
PYSEC-2020-202
VCID-vdyk-rcxz-z7an The safe_eval function in Ansible before 1.5.4 does not properly restrict the code subset, which allows remote attackers to execute arbitrary code via crafted instructions. CVE-2014-4657
GHSA-qg47-5px9-32g7
PYSEC-2020-199
VCID-w6be-213x-1yh3 Ansible before 1.5.5 sets 0644 permissions for sources.list, which might allow local users to obtain sensitive credential information in opportunistic circumstances by reading a file that uses the "deb http://user:pass@server:port/" format. CVE-2014-4659
GHSA-6667-f46p-pg88
PYSEC-2020-201

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T11:13:32.401767+00:00 Debian Importer Fixing VCID-c22m-1buy-3uc5 https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T10:37:25.892034+00:00 Debian Importer Fixing VCID-vdyk-rcxz-z7an https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T10:19:38.865656+00:00 Debian Importer Fixing VCID-w6be-213x-1yh3 https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T10:10:27.024465+00:00 Debian Importer Fixing VCID-jwsu-7znb-kueg https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-13T07:37:59.034251+00:00 Debian Importer Fixing VCID-c22m-1buy-3uc5 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:10:48.422225+00:00 Debian Importer Fixing VCID-vdyk-rcxz-z7an https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T06:57:08.979302+00:00 Debian Importer Fixing VCID-w6be-213x-1yh3 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T06:50:09.702877+00:00 Debian Importer Fixing VCID-jwsu-7znb-kueg https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-02T17:10:47.825959+00:00 Debian Importer Fixing VCID-c22m-1buy-3uc5 https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-02T17:08:49.103468+00:00 Debian Importer Fixing VCID-vdyk-rcxz-z7an https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-02T17:07:45.105560+00:00 Debian Importer Fixing VCID-w6be-213x-1yh3 https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-02T17:07:12.148603+00:00 Debian Importer Fixing VCID-jwsu-7znb-kueg https://security-tracker.debian.org/tracker/data/json 38.1.0